Sophos Threat Report highlights Social Networking security threats

24th January 2011

The Security Threat Report 2011, published this week by UK-based IT security and control firm Sophos, highlights the increasing threats computer users experience on social networking sites. We depart from our India focus to bring you the highlights of this important study: extracts from the report on specific threats to Facebook and Twitter, and a link to the full 52-page report. A Sophos video detailing the Twitter worm attack can be found for a few days at our tech video slot.

By mid-2010, Facebook recorded half a billion active users, making it not only the largest social networking site, but also one of the most popular destinations on the web. Unsurprisingly, this massive and committed user base is heavily targeted by scammers and cybercriminals, with the number and diversity of attacks growing steadily throughout 2010. Malware, phishing and spam on social networks have all continued to rise in the past year, with the survey finding that:

- 40% of social networking users quizzed have been sent malware such as worms via social networking sites, a 90% increase since the summer of 2009
- Two thirds (67%) say they have been spammed via social networking sites, more than double the proportion of less than two years ago
- 43% have been on the receiving end of phishing attacks, more than double the 2009 figure
"Rogue applications, clickjacking, survey scams - all unheard of just a couple of years ago, are now popping up on a daily basis on social networks such as Facebook," says Graham Cluley, Senior Technology Consultant at Sophos. "Why aren't Facebook and other social networks doing more to prevent spam and scams in the first place? People need to be very careful they don't end up being conned for their personal details, or get tricked into clicking on links that could earn money for cybercriminals or infect innocent computers."
Although results vary across the individual networks of Facebook, Twitter, MySpace and LinkedIn, the latest poll suggests that half of those surveyed have been given unrestricted access to social networks at work. Paradoxically, 59% believe employee behavior on social networking sites could endanger corporate network security, and 57% worry that colleagues are sharing too much information on social networks.
"Total bans on users accessing social networking sites are becoming rarer, as more firms recognize the value such sites can bring in raising brand awareness and delivering social media marketing campaigns," explained Cluley. "If your business isn't on Facebook, but your competitors are, you are going to be at a disadvantage. But you have to be aware of the risks and secure your users while they're online."
Although 82% of the survey's respondents felt that Facebook posed the biggest risk to security, Sophos has labeled an attack on the Twitter micro-blogging network as the biggest single social networking security incident of 2010. The infamous 'onMouseOver' Twitter worm hit the Twitter site in September 2010 and spread like wildfire. The cross-site scripting (XSS) attack demonstrated how quickly a vulnerability on a social network can affect a huge number of users. High-profile victims included ex-Prime Minister's wife Sarah Brown, Lord Alan Sugar, and even Robert Gibbs, the press secretary to US President Barack Obama.
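The onMouseOver worm belonged to the class of stored XSS in which user-posted text is written into a page without being encoded for its HTML context. The following is an added example, not code from the Sophos report or from Twitter, showing the defensive side: a small renderer that places a user-supplied URL and label into a link with context-appropriate escaping, and a check that the resulting markup is inert. The function names, the `SAMPLE_POSTS` fixtures and the `example.com` URLs are constructed for this illustration.

```javascript
// Added example (not from the Sophos report): output encoding for
// user-supplied text placed inside HTML. Every character that could end
// an attribute value or open a tag is replaced by its character
// reference, so injected text stays data and never becomes an attribute.

const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;',
};

// Escape a string for use as HTML text content or inside a quoted attribute.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Accept only absolute http(s) URLs; javascript:, data: and malformed input
// are rejected so they can never become a clickable link. The WHATWG URL
// parser also percent-encodes quotes and spaces in the path.
function safeHref(candidate) {
  let url;
  try {
    url = new URL(String(candidate));
  } catch (e) {
    return null;
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return null;
  return url.href;
}

// Render a user-posted link the way a status-update page might: the URL goes
// into a quoted href attribute, the label into text content, both escaped.
function renderLink(candidate, label) {
  const href = safeHref(candidate);
  if (href === null) return escapeHtml(label); // keep the label, drop the link
  return `<a href="${escapeHtml(href)}">${escapeHtml(label)}</a>`;
}

// Markup is inert if the only double quotes are the two attribute delimiters
// and no whitespace-separated on* event-handler attribute appears.
function isInert(markup) {
  const quoteCount = (markup.match(/"/g) || []).length;
  return !/\son[a-z]+\s*=/i.test(markup) && (quoteCount === 0 || quoteCount === 2);
}

// Constructed inputs (not from the report): a plain link, a label carrying a
// tag, a URL whose path contains a quote and a would-be attribute name, and
// a non-http scheme.
const SAMPLE_POSTS = [
  ['http://example.com/page', 'read this'],
  ['http://example.com/page', '<b>bold</b> claim'],
  ['http://example.com/a"b onmouseover=x', 'odd url'],
  ['javascript:void(0)', 'not a link'],
];

function renderAll() {
  return SAMPLE_POSTS.map(([url, label]) => renderLink(url, label));
}

console.log(renderAll().join('\n'));
```

The same escaping must be applied at every sink where user data meets HTML; the worm spread because one such sink on the site was missed, not because the encoding rules themselves are hard.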

Extracts from the Sophos Security Threat Report 2011 on Facebook and Twitter threats:

One of the more common types of attacks hitting Facebook users is “clickjacking,” also called “UI redressing.” These attacks use maliciously created pages where the true function of a button is concealed beneath an opaque layer showing something entirely different. Often sharing or “liking” the content in question sends the attack out to contacts through newsfeeds and status updates, propagating the scam.
Clickjacking uses the standard arsenal of social engineering techniques to lure new victims and trick them into clicking on the disguised links, many of which developed a rather dark tone in 2010. Alongside the usual barrage of lures such as humor, compromising pictures of celebrities and major news and entertainment events, we saw a rise in increasingly bizarre and often gruesome content. Stories of suicide, car crashes and shark attacks, the allegedly “horrific” effects of a popular drink and over-the-top revenge stories were all clickjacking scams in 2010. On some days last year, cybercrooks introduced dozens of new scams.
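The opaque-layer trick described above only works if the target page can be loaded inside a frame on the attacker's page. The server-side defence is to forbid framing, with the Content-Security-Policy `frame-ancestors` directive (preferred) or the older `X-Frame-Options` header. The following is an added example, not code from the Sophos report or from Facebook: it classifies an HTTP response's headers as protected or unprotected against framing, and encodes the rule that a `frame-ancestors` directive, when present, overrides `X-Frame-Options`. The header object layout (lower-cased names to string values, as in Node's `http.IncomingMessage.headers`), the function names and the `SAMPLE_RESPONSES` fixtures are assumptions made for this illustration.

```javascript
// Added example (not from the Sophos report): decide whether an HTTP
// response may be embedded in a frame by another origin. Input is a plain
// object of header names to values; names are matched case-insensitively.

function normaliseHeaders(headers) {
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    out[name.toLowerCase()] = String(value).trim();
  }
  return out;
}

// Return the source list of a frame-ancestors directive, or null if absent.
// An empty source list means the same as 'none' under CSP.
function frameAncestors(csp) {
  for (const directive of csp.split(';')) {
    const tokens = directive.trim().split(/\s+/).filter(Boolean);
    if (tokens.length && tokens[0].toLowerCase() === 'frame-ancestors') {
      return tokens.slice(1).map((t) => t.toLowerCase());
    }
  }
  return null;
}

function framingProtection(rawHeaders) {
  const h = normaliseHeaders(rawHeaders);

  // CSP frame-ancestors takes precedence: when it is present, browsers
  // ignore X-Frame-Options, so a permissive CSP undoes a strict XFO.
  if (h['content-security-policy'] !== undefined) {
    const sources = frameAncestors(h['content-security-policy']);
    if (sources !== null) {
      const permissive = sources.some((s) => s === '*' || s === 'http:' || s === 'https:');
      return permissive
        ? { protected: false, reason: 'frame-ancestors permits any origin' }
        : { protected: true, reason: `frame-ancestors ${sources.join(' ') || "'none'"}` };
    }
  }

  if (h['x-frame-options'] !== undefined) {
    const value = h['x-frame-options'].toUpperCase();
    if (value === 'DENY' || value === 'SAMEORIGIN') {
      return { protected: true, reason: `X-Frame-Options ${value}` };
    }
    // ALLOW-FROM and misspelt values are not honoured by current browsers.
    return { protected: false, reason: `unsupported X-Frame-Options value "${value}"` };
  }

  return { protected: false, reason: 'no framing restriction' };
}

// Constructed fixtures (not captured from any real site).
const SAMPLE_RESPONSES = {
  bare:     { 'Content-Type': 'text/html' },
  xfo:      { 'Content-Type': 'text/html', 'X-Frame-Options': 'sameorigin' },
  cspNone:  { 'Content-Security-Policy': "default-src 'self'; frame-ancestors 'none'" },
  cspSelf:  { 'content-security-policy': "frame-ancestors 'self' https://partner.example" },
  cspAny:   { 'Content-Security-Policy': 'frame-ancestors *', 'X-Frame-Options': 'DENY' },
  allowFrom:{ 'X-Frame-Options': 'ALLOW-FROM https://partner.example' },
};

// Audit every fixture; returns a map of name -> { protected, reason }.
function auditAll() {
  const report = {};
  for (const [name, headers] of Object.entries(SAMPLE_RESPONSES)) {
    report[name] = framingProtection(headers);
  }
  return report;
}

for (const [name, result] of Object.entries(auditAll())) {
  console.log(`${name}: ${result.protected ? 'protected' : 'UNPROTECTED'} (${result.reason})`);
}
```

The `cspAny` case is the one worth remembering when reviewing a deployment: adding a permissive `frame-ancestors` to an existing policy silently disables an `X-Frame-Options: DENY` that had been protecting the page.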
The “survey scam” tricks users into installing an application from a spammed link. To access the application’s alleged (but often non-existent) functionality, users must grant access to their personal data. This sends the link on to a fresh set of contacts, who in turn must fill in a survey form, which earns the application creators money through affiliate systems.
Facebook founders and operators insist that keeping users safe from spam and scams is a top priority, and they use large teams of security experts to remove suspect applications as soon as they’re detected or pointed out by users. Yet, the problem continues to grow as the site’s growing user base makes it an ever richer target for the bad guys.
The scale of malicious activity on Facebook appears to be out of control, and people are taking notice.
The full report in PDF format can be found here: http://www.sophos.com/sophos/docs/eng/papers/sophos-security-threat-report-2011-wpna.pdf 
