|
A study conducted by AVG and the CMO Council determined that, while users of the various social networking portals are aware of the dangers found on many of those sites, few are taking some of the most basic of precautions when it comes to protecting themselves.
The results of the study, which included 250 consumers, indicated concern over growing Phishing, Spam, and Malware attacks, and nearly half of those surveyed were concerned about their personal identity being stolen in an online community. At the same time, less than one third are taking actions to protect themselves.
Of those surveyed by CMO and AVG in the second quarter of 2009, 86-percent said they use social networking sites on a regular basis. This admission included social networking usage at home and at the office. When asked about safety precautions taken, 64-percent said they change their password infrequently or never. This stands out as most people will use the same password for everything online, so a compromise on one level can lead to compromises on another.
Several social networking portals, Facebook for example, offer privacy settings control. When asked, only 43-percent of those surveyed said they use those settings to limit the amount of information handed out by the site. The other 57-percent said they rarely, if at all, mess with these settings.
“As social networking populations grow globally and the proliferation of niche social networks and mobile offerings extends the reach of social communities, the threats and vulnerabilities are escalating accordingly,” said Donovan Neale-May, executive director of the CMO Council.
“More frequent breaches and outbreaks on popular social sites are a testament to the need for a more preventative mindset and threat-alert culture among community users.”
Again, the participants who said they used social networking sites are both aware and concerned about the threats. However, 21-percent will accept contact offerings from other members that they do not know, 64-percent admit to clicking on unknown links, and 26-percent share files. In addition, over 50-percent said they allow others access to their social networking profiles on their system.
As a result of some of these security gaffs, 47-percent of those included in the study have suffered a Malware related attack or compromise, 20-percent have experienced identity theft, and more than half have seen Phishing attacks, but it is unknown how many were Phishing victims.
The idea of social networking is to not only keep in contact with people you know, but to expand your social circle by including people you do not know, but who offer something of value.
Clicking on random links, or in the case of Facebook loading applications that anyone can create and then allowing them access to your profile, is just one way a person can find themselves in hot water.
We asked one user how many Facebook applications they were currently using, and why they allowed said applications to access their profile. In response the user said, “I'm not sure how many I've granted access to, a couple games on my own but mostly apps that friends/family send things through, although I've denied quite a few.”
Adding, “As for why, I suppose a combination of trusting the security of the site and that I try to be conscious of the information I post just as on any site. I know there are still risks, but I try to balance caution with the benefits of participating in conversation and games with friends and family.”
The idea of exploiting trust in the website and in the community circle is how many criminals stay successful. If a person or source is seen as trusted, then there is little risk associated with anything that source offers in the eyes of the user. The foreknowledge of any type of threat goes out the window if the content comes from someone within a circle or from a known source.
This is why criminals are able to target people using malicious search links, or hijack trending topics on Twitter. Facebook is still dealing with Koobface problems, as the Malware makes rounds on the site.
With all this in mind, AVG offers the following advice: Do not accept pop-ups or prompts for software, unless you're armed with some sort of security software, which checks each site for infections prior to access. Never provide, post, or submit any confidential personal data (e.g., SSN, banking details, medical records). Social networking sites do not require this sort of information to join, unless you're online dating or paying monthly.
When it comes to passwords, AVG adds that you change them at least once a month. At the same time, never change them if prompted with a random password change reminder on a social networking site. Also, none of the social networking portals, such as MySpace, Facebook, and Twitter, will ever ask for personal information over email.
“The fact that users understand the risks, and yet are failing to take the basic steps to protect themselves presents an interesting challenge to companies, like AVG, that are working to create a safer cyber community,” said Siobhan MacDermott, Head of Public Policy, Corporate Communications and Investor Relations, AVG Technologies.
According to MacDermott, AVG hopes to reverse this trend on familiar turfs such as Facebook and Twitter.
“Our DataSnatchers campaign is a viral effort that will not only get consumers thinking about their personal security but will also provide them with simple tools to do something about it when they are in the spaces that make them feel the most vulnerable.”
Part of the DataSnatchers campaign is to layer security for users by using two AVG tools, LinkScanner and AVG anti-Virus, both are available free of charge. You can download them from AVG’s website, www.avgfree.com |
