Social
networking has become most popular activity in today’s Internet world, with
billions of people across the world are using this media to meet old friends,
making new friends, to collect and share information, social networking while
being a popular media has several disadvantages associated with it. These sites
can be trapped by scammers or hackers leading to loss of confidentiality and
identity theft, of the users.
Social Networking sites expose the kids to various risks like, disclosure of personal information, cyber-stalking, access to inappropriate content, online grooming, child abuse, etc. In addition there are many more risks like fake profiles with false information, malicious application, spam, and fake links which leads to phishing attacks etc.
Because
of the threat posed by cyber criminals, taking it upon yourself to secure your
social networking accounts is of the utmost importance.
Spam:
As we all know that spam is usually unwanted e-mail advertising about a product sent to list of e-mails or group of e-mail addresses.
As we all know that spam is usually unwanted e-mail advertising about a product sent to list of e-mails or group of e-mail addresses.
Similarly
spammers are sending the unwanted mails or messages to the billions of users of
social networking sites which are free; and is easily accessable by spammers to
gather the personal information of the unsuspecting users.
Scams
Online scammers generally send an e-mail or message with a link to the user which ask for the profile information and tells the user that it would add new followers.
These
links sent to the user would be similar to applications, games etc. So whenever
the user post his details in the link then the details will be received by
scammers and information would be misused.
Phishing
As we all know the phishing attack is creation of fake site just similar to original site.
Similarly
these days even social networking phishing has come in different flavours just
like phishing attacks on banks and popular trading websites. Social networking
phishing has come up with fake mails and messages like offering some
specialized themes, updating the profile, updating the security
application/features etc. In order to see the updates the user needs to follow
a link and log in, through which the credentials are taken by the attacker. The
linked page is a fake copy of the original login page, focused on stealing user
account credentials.
Clickjacking
Generally, clickjacking is a malicious technique of tricking
Web
users into revealing confidential information or taking control of their
computer while clicking on seemingly innocuous Web pages.
Vulnerability
across a variety of browsers and platforms, a clickjacking takes the form of
embedded code or script that can run without the user's knowledge. The same is
followed in the social networking domain. The objective behind such an attack
is that users can be tricked into clicking in the links, icons, buttons etc,
which could trigger running of processes at the background without the
knowledge of the user.
Malicious applications
Malicious application might come through different application while using or installing software’s. Similarly, the clicking on the social networking application starts the application installation process or link to view the video, etc.
In
order to fulfil its intended operation the application requests for some
elevated privileges from the user like access to my basic information , update
on my wall, post on my wall, etc as shown in the following figure.
Sometimes
e-Mails are received with fake e-mail address like services@facebook.com
by an attachment named, “Facebook_Password_4cf91.zip and includes the file
Facebook_Password_4cf91exe" that, the e-mail claims, contains the user's
new facebook password. When a user downloads the file, it could cause a mess on
their computer and which can be infected with malicious software.
Tips to avoid
risks by social networking
- Limit the information you put in the social networking sites.
- Don’t put personal information like your family details, addresses, personal photographs, video, etc. In case if you put your personal photographs try to change settings and make visible only for friends
- Most of the sites and services provide options for privacy settings to prevent attackers to view your information. You can make use of these options to choose/deny whom you want to allow to see your information.
- Be careful if you want to meet social networking friends in person, some times it may not be their true identity which is posted on the social networking sites.
- Always think before you meet such strangers. If you decide to meet them do it in a public place during the day. Kids should never be allowed to meet such strangers alone.
- Don’t ever click suspicious link while logged into social networking accounts.
- Always clean browser’s cookies and cache.
- Install a good and latest version of Anti-virus to keep your system free from malicious applications like virus, worms and Trojans.
- Don’t ever run any java scripts while logged into your social networking accounts.
- Don’t ever share your password with anyone; and keep changing your password regularly. Always use proper password (min 8 digits with a mix of alpha numeric & special characters)
- Don’t ever login to any site other than the legitimate sites and always check the URL for misspelled links before you proceed further .
- Use Virtual Keyboard, wherever possible to enter your password for better security as these cannot be captured by key-loggers.
No comments:
Post a Comment