We All Love Facebook…..but?

The big three…..Facebook, Twitter, and Friend Feed, places where we all go to network socially. But lately it seems that all of these venues for communicating with our friends and family, have come under scrutiny relating to security problems. All of the social networking sites have come under fire regarding privacy issues. Remember when Facebook changed it’s policy overnight and all of your photos and information were changed to a ‘Public’ status, which had to be reset. Bad move, hell, even Mark Zuckerberg had his photos become public, which were quickly changed, but what was going through their minds to change their terms, and not even have the CEO of the company aware of these changes. All this aside, as disturbing as it is, it is not the biggest threat that is being aimed at us through these social networking venues.

Account hacking is fast becoming a serious problem on the sites. Once only limited to email accounts, Spear Phishing is fast growing in popularity among the bad guys and is something that everyone should be aware of. Weak sign on credentials, from users, are making it even easier for these crooks to hack accounts and eventually gain access to places in which no one, in their right mind, would allow them. Check out my post HERE on setting up a more secure password.

Bad Guys are targeting individual accounts by hacking into their friend’s accounts. What happens, is that a bad guy gains control of someone’s Facebook account, and now has access to all of that person’s friends. They will then send a targeted message which states something to the effect of, “You Should See The Photo I Got Of You Last Night”. Of course, you think you know this person so you click on the link which will take you to a fake website, one that looks exactly like one that is very familiar to you, such as Fickr.com. Now keep in mind that this web page will look very much like a real Flickr page, and will ask you to click on a link to view this photo. When you click on this link, a message will display telling you that a new version of Adobe’s Flash Player, or a different Codec is needed in order to view this photo. Conveniently, a link is supplied so that you can get these new versions in order to make it easier for you to view this much anticipated photo. But what we don’t do, is look at the URL, to see where we really are. You are not at Fickr.com but are at a bad guy’s page. When you click on that link to get that new version of Flash or that new Codec, your computer is immediately infected with what will most likely be, a Trojan Horse. This Trojan will now open up your computer to all sorts of new infections, like Keyloggers, and Worms. This could open you up to identity theft, stolen personal data, such as credit card info, banking credentials, and possibly even Social Security Numbers, which could allow the bad guys to open up new credit card accounts in your name.

The point is that as long as you are aware of these issues, you can safely post and communicate with friends via these venues. However, it is critical, that whenever you click on a link, that you keep an eye on the URL (Uniform Resource Locator). For more information on URL’s you can check out my two part posts by clicking on Part 1 HERE, and Part 2 HERE.

Now I use Facebook, Twitter, and Friend Feed, however I like to keep my accounts buttoned down, and only communicate with friends, family, and some friends-of-friends, but that is it. I have seen accounts that are completely public, meaning anything that is posted is visible to everyone. More and more employers are turning to these venues to check on your back round. Imagine a potential employer seeing the photo of you at that party 2 years ago, lying on the floor drunk. That would definitely make me think twice about hiring you. Keep your most personal information PRIVATE.

Now even more devious than the above mentioned hacking of an account starts in exactly the same way. You get your account hacked. Well now you take your computer to work and connect to the network there. Well now the bad guys can see the same things that you can see on your work’s network. Keep in mind, that there is no way that you will know that this is happening.  So you say, well I don’t have any high clearance access to any critical information. No, you may or may not, but someone that you network with at work may, and your computer being infected may allow this worm to spread higher and higher up the chain. This has just happened recently. An occurrence, such as this, could cost you your job.

This is all the more reason to make sure that you keep information on all of your Social Networking accounts private. At the very least, you want to make sure that any that could cause embarrassment (or worse) is, without a doubt, kept private.

Enjoy this new technology, but keep yourself safe. Social Networking is enjoyable and is very useful, however always remember, that what you do and post today, may come back and haunt you years from now. Once it is public, it just never goes away.