PERSONAL AND CORPORATE INFORMATION CAN BE — AND IS — OFTEN COMPROMISED ON LINKEDIN, FACEBOOK AND OTHERS.
News item: Bogus malware-laden profiles were created by hackers to LinkedIn profiles, including celebrity profiles.
News item: The latest Facebook worm tries to get users to download a malicious codec from a video.
News item: An attack hijacked Twitter users, linking a tweet with a porn Webcam portal that might have been designed with credit card harvesting in mind.
News item: A worm that targeted MySpace users changed the links of their home pages and redirected them to phishing sites.
These are just a few of the problems facing users of social networking Websites, which are becoming a vital part of informal corporate e-learning initiatives. The problems even extend to Websites that court business executives like Ryze, Xing (formerly OpenBc), Ecademy, Hoover’s Connect, Spoke and Vshake. They often bypass security measures that have been put in place to protect the enterprise, such as firewalls, IDS/IPS, personal firewalls and gateway anti-virus systems.
As security issues continue to reveal themselves, the Websites themselves are doing everything they can to assure user safety. But, obviously, everything has not been enough so far.
So here are some initial suggestions for helping social network users avoid unwanted outcomes:
1) Keep your computer’s and network’s security programs up to date.
2) Establish specific company policies that limit what employees may share online, so that the company’s reputation and trade secrets are preserved.
3) Beware of messages with a link inside — even messages from trusted “friends.”
4) Keep in mind that online videos share a very common format, so codec in the form of executable setup files are likely “Trojans.”
5) Never provide personal information to someone in a social network environment, since you never really know who is on the other end.
6) Never perform file sharing across a social network environment.
The sooner we start figuring out more ways to protect against those who would do evil, the better off we’ll all be.