Earlier
this year Javelin Strategy & Research issued new figures on identity fraud, and unsurprisingly the focus
of the research was social media. Social, dating and business networking
websites such as Facebook, MySpace, Bebo, and LinkedIn, have rewritten the
digital landscape as users create their own profile and share conversations,
photos, videos, links and personal information with friends and other online
users. Unfortunately this opens the door to fraudsters who use these trusted
services to target victims with their scams. Many will be familiar to computer
owners: malware; spam; and page hacks; but less so in their new social media
guises...
Malware remains by far the most common social
networking fraud because members
will install user-created applications on their profile pages. These might be used for animation, calendars, photo-feeds or simple games, unfortunately they can often hide spyware,
trojans and viruses that members then unknowingly either download to their own
computers or post on their profile page. Social
networking sites are particularly vulnerable because, by their very essence, they are communities built on trust. Users don't expect to be scammed by other users and that makes them easy targets for
fraudsters.
Spamming is another familiar issue, such as the Nigerian
419 advance fee scam, only these are now often able to bypass spam filters by
coming through the social network. A great deal of social media spam will
originate from the victim, usually because they have installed a malware widget
program. Often purported to advance the design of a user's page, such malware
will actually be designed to spam all the user’s contacts.
But
fraudsters do not only want to use your profile to spam others. They want to
spam you. This is achieved with carefully targeted emails using the social
media search tools to identify a members' area of interest. In the worst case these details can be
collated into master spam lists of people with specific interests that
are sold on to other spammers.
In
part 2 we will look at the growing threat from social media identity theft...
No comments:
Post a Comment