INSIDE THIS ISSUE:  Staying Safe on Social Networking Sites
 
 

Use of Social Networking Sites on the Rise

The popularity of social networking sites – such as MySpace, Facebook and Twitter – has expanded tremendously in recent years, with nearly two-thirds of Americans using these sites regularly. The number of adult Internet users having a social networking account has more than quadrupled in the past five years, according to the Pew Internet & American Life Project. Social networking sites are becoming more ubiquitous – at home, in school and at the workplace. The sites also continue to serve as prime targets for malware distribution and scams. A recent study reported that 91% of respondents have received spam and 54% were targets of phishing attacks on social networking sites. While there has been increased attention to addressing security concerns relating to social networking sites, Internet users need to remain vigilant and take the necessary precautions when using these sites.
What Are the Security Concerns of Social Networking Sites?
Social networking sites continue to grow in popularity as attack vectors because of the volume of users and the amount of personal information that is posted. The nature of social networking sites encourages users to post personal information. The perceived anonymity and false sense of security on the Internet may cause users to provide personal information about themselves and their family online. The information you post online could be used by those with malicious intent to conduct social engineering scams or attempt to steal your identity to access your financial data. For example, many individuals are tempted to click on a video they see on a friend’s social networking Web page. Unfortunately, these videos may lead to a malicious website. When you access a site that has malicious code, your machine could become infected.
What Can You Do to Be Safe?
  • Keep your system updated: Ensure that any computer you use to connect to a social networking site has proper security measures in place, including anti-virus and anti-spyware software and a firewall. Make sure you keep these security measures up-to-date. Keep your operating system updated and patched. Set the configuration to “auto update” so patches can be applied automatically without intervention.
  • Use strong passwords: Protect your social networking account with a strong password. Do not share this password with anyone or use it for other sites. In addition, some social networking sites support features for stronger authentication, such as using one-time passwords when logging in from public computers or using your phone as part of the login process. Enable these features where possible. It is critical that passwords used on social networking sites not be used on other sites.
  • Be cautious when clicking on links: If a link seems odd, suspicious, or too good to be true, do not click on it.
  • Beware of scams: Criminals take advantage of the open nature of social networking sites to defraud individuals. Such scams sometimes use the pretext of a job offer or monetary prize. Another common scam uses hijacked accounts to contact the victim’s friends with requests for help, claiming that the person was robbed in a foreign country and needs money. Be cautious when contacted with a request for money or with an offer that sounds too good to be true.
  • Review privacy policies: Do not assume privacy on social networking sites. For both business and personal use, confidential information should not be shared. You should only post information you are comfortable disclosing to a complete stranger. Some sites may share information such as email addresses or user preferences with other parties. If a site’s privacy policy is vague or does not properly protect your information, do not use the site.
  • Do not share personal information: Do not respond to requests for personal information. Be wary if asked to “verify your information” or to “confirm your user-id and password.”
  • Be cautious about installing applications: Some social networking sites provide the ability to add or install third party applications, such as games. Keep in mind there is little or no quality control or review of these applications and they may have full access to your account and the data you share. Malicious applications can use this access to interact with your friends on your behalf and to steal and misuse personal data. Only install applications that come from trusted, well-known sites. If you are no longer using the application, uninstall it. Also, please note that installing some applications may modify your security and privacy settings.