News

Study shows high vulnerability of social networkers

Warwick Ashford

Facebook, LinkedIn, MySpace and Twitter users are more vulnerable to financial loss, identity theft and malware infection than they realise, a survey has revealed.

Social networking sites encourage users to behave in risky rays, the survey of more than 1,000 users by security firm Webroot found.

Three in 10 people admitted they had been attacked by cybercriminals through social networking sites in the past year.

These attacks include identity theft, malware infection, unauthorised password changes and friend-in-distress scams.

Yet, two-thirds of respondents said they did not restrict any details of their personal profile from being visible to search engines.

Some 80% allow at least part of their profile to be accessed by search engines and more than half are not sure who can see their profile.

Criminals typically use personal information to guess passwords and access accounts, warned Mike Kronenberg, chief technology officer at Webroot's consumer division.

"A third of those polled said they include at least three pieces of personally identifiable information in their profiles," he said.

Once criminals are able to access accounts they hijack them to send legitimate looking messages containing malware to other members of the social network.

More than a third of respondents said they use the same password across multiple sites, which means if one account is compromised, all others are vulnerable.

This risk is higher among users under 30, where 51% said they used the same password for all online accounts.

Social networkers should use privacy setting to restrict access to personal information, restrict personal information in profiles and use different passwords, said Kronenberg.

"Malware authors are continually writing new programs to avoid detection, so even if users have anti-malware installed, they should remain vigilant," he said.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy