Cybercriminals target popular networking sites

by CXOtoday Staff    Jun 25, 2010

According a market estimate, revenues from social networking services will grow to around US $2.4 billion by 2012. According to Trend Micro, it is because of this ever-growing popularity, social networks have been a continuous target of cybercriminals to proliferate their malicious schemes. Trend Labs Researchers received samples of another Facebook spam, this time also taking advantage of the popular micro-blogging site, Twitter.
The mail, which poses as a Facebook notification message, uses adult-themed strings to lure users into opening the attachment. Social networks are still on the verge of reaching their peak, as an increasing number of users spend more time on managing their accounts.

According to the latest findings by Nielsen, social networking and blogging account for one in every four-and-a-half minutes people spend online. With Facebook still remaining as one of the world’s most popular social media sites and Twitter not far behind, cybercriminals will most likely use these sites more and more to propagate malicious codes.

Cybercriminals misuse the credibility and popularity of such sites for their own profit. They could play with users’ personal information in order to commit ID theft. For eg: Recently cybercriminals used Twitter as a technique to lure users into clicking a malicious link. Since Twitter is a trusted source, users may think the email they received is legitimate. In fact, Twitter itself is also becoming a means of spreading spam.

Koobface is a classic example of a worm that spreads via social networking sites such as Facebook, Bebo, and Friendster. Koobface has been particularly problematic for Facebook users, and maintains a rather consistent presence among Facebook social network users. Facebook, which has over 300 million users, was the original target of the KOOBFACE botnet. Following are four easy-to-follow tips that Trend Micro recommends that can help you avoid infection by Koobface and other social networking worms. 
Avoid promiscuous ‘friending’. Spammers, phishers, and worm distributors abound on social networking sites. Log out of the social networking site when it is not being used. Worms like Koobface can only spread when you are logged on to Facebook or other social networking account. Staying logged off when not in use can help minimize the potential for spreading Koobface or other social networking worms. Use a unique strong password on each account.

If you have multiple social networking accounts, use a unique password for each. Never click links in messages received unexpectedly and never, ever login to any site as a result of clicking a link in a message. If you do follow a link that instructs you to login afterwards, close the page, then open a new page and visit the site using a previously bookmarked or known good link.