Sophos report reveals increase in social networking security threats
Inside you'll find a wide variety of threats discussed including:
- Social networking threats
- Fake anti-virus
- SEO poisoning
- Data loss and encryption
- Web threats
- Email threats
- Malware trends
- Windows 7
- Apple Macs
- Mobile devices and smartphones
One of the key findings is that reports of social networking spam and malware attacks have risen once again.
By mid-2010, Facebook recorded half a billion active users, making it not only the largest social networking site, but also one of the most popular destinations on the web. Unsurprisingly, this massive and committed user base is heavily targeted by scammers and cybercriminals, with the number and diversity of attacks growing steadily throughout 2010 – malware, phishing and spam on the various social networks have all continued to rise in the past year.
Sophos polled users asking if they had received spam, phishing or malware attacks via social networks. This is how they responded:
To explain that graph another way:
- 40% of social networking users quizzed have been sent malware such as worms via social networking sites, a 90% increase since April 2009
- Two thirds (67%) say they have been spammed via social networking sites, more than double the proportion less than two years ago
- 43% have been on the receiving end of phishing attacks, more than double the figure since April 2009
This isn't just a problem for home users. Many people check their social networking accounts from the workplace, making the sites a potential vector for attacks against businesses.
There's no doubt that cybercriminals are showing a much higher level of interest in the social networks than ever before, with Facebook being the site they are targeting the most.
Facebook's recently clumsy introduction of a feature which would allow rogue application developers to access users' mobile phone numbers and home addresses (and its subsequent temporary withdrawal while it rethinks its approach) makes me question whether privacy and security are part of the company's DNA.
I see two possibilities.
Either Facebook simply doesn't "get" security and privacy. Or it just doesn't care.
I really hope it's the former. Because if it is, there's still a chance that Facebook can build a network that is secure for its users and will make its users' privacy a top priority.
There's a real problem, though, if Facebook just doesn't care that much about privacy and security. Because 500+ million users are going to find it very difficult to wrench themselves away from the world's most popular social network.
Download your free copy of the Sophos Security Threat Report 2011 now and learn more about not just social networking dangers, but also the many other security threats faced by businesses and computer users.
About the authorGraham Cluley is senior technology consultant at Sophos. In both 2009 and 2010, the readers of Computer Weekly voted him security blogger of the year and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which is very cool. His awards cabinet bulging, he was voted "Best Security Blogger" by the readers of SC Magazine in 2011. You can contact Graham at firstname.lastname@example.org, or for daily updates follow him on Twitter at @gcluley.