GDATA: CyberCrime 2.0, Criminals love social networking, Facebook & Co are highly rated by online criminals
December 2008 by G DATA
Social networks offer people across the world numerous opportunities for socialising with new contacts or keeping in touch with old ones. And it’s not only the die-hard networkers who are impressed with platforms such as Facebook, My Space, XING or LinkedIn. The shadow economy has also discovered that networking pays. According to analyses by G DATA Security Labs, criminals have long been using these participation networks for their own purposes. The infiltration of communities and the spreading of spam or malware have meanwhile become part of everyday life within social networks. And the trend is increasing!
The potential abuses the criminals have conceived are highly varied and range from targeted spying on personal data, through the distribution of spam and phishing mail, to the exploitation of security holes within the particular social networking platform.
Ralf Benzmüller, manager of G DATA Security Labs, is sounding the alarm: "Online criminals have been thinking on community lines for a long time. During the past few months, we have observed a threatening increase in criminal activity within social networks. Hardly any community remains unaffected. The tactics of the offenders are ingenious and embrace the entire eCrime repertoire. Alongside the direct insertion of malware or the distribution of mass mailings, the offenders use social networks to entice users to primed websites. The objective: infection of computers through drive-by infections or file downloads or enticing potential purchasers to the ordering pages for dubious offers." The high acceptance of social networks and their specialisation on individual topics bring the criminals a rich yield: "In comparison with the real world, costs, effort and possible profit offer criminals a particularly favourable cost-profit ratio. Facebook alone has more than 130 million global users," sums up Ralf Benzmüller. "The sub-division into sub-communities means spammers can accurately direct their junk mail at a particular target group."
Targeted attacks on companies
The information that members of social networks divulge about themselves and their living circumstances also permits cyber criminals to carry out targeted attacks on companies. "With the information that you can collect in Xing about a particular company, targeted phishing mails can be sent to company management, sales or accounts. This can take into account position within the company, colleagues and hobbies. Tailor-made spyware Trojans infiltrated in this manner can ruin companies," warns Ralf Benzmüller.
The largest social networks (worldwide)
Platform Users (in millions)
My Space 117
(Source: comSource, 09/2008, XING)
Personal data targeted
Alongside the direct insertion of malware or the distribution of mass mailings, the offenders use social networks to lure users to primed websites, where they steal personal data in order to sell it for a profit. The offenders target login data and classical account data, telephone numbers, email addresses and dates of birth. G DATA Security Labs has currently determined a black market price of some € 40 for 500 MB of uncleaned data. The recipients of this stolen data sell it on many times over to dubious foreign call-centres, thus providing them with easier access to customers.
The transparent networker
Platform users often carelessly expose personal or company data to a wide section of the public. Information that is published without protection, for example on Xing or LinkedIn, is available not just to friends. Using services such as 123people or Yasni, it is easy to compile user profiles, places of residence or hobbies and use them for targeted attacks. "Essentially you should only publish in Social Networks what you would also happily write on an advertising hoarding at a central station. Companies should release appropriate guidelines to limit abuse," says security expert Ralf Benzmüller.
Basic security measures
If you are using social networks and wish to minimise your personal security risk when doing so, you should follow some basic security tips:
• A computer can be infected with malware by merely visiting a website (drive-by download), without any hard disk access taking place. Classical virus scanners, which only monitor the file system, can therefore be ineffective. Additional protection is offered by an HTTP scanner, which checks the web content before it reaches the Internet browser, where it could cause harm.
• Users of Xing, LinkedIn and Co. should only make their personal data available to selected persons. Otherwise people search engines such as 123people or Yasni can index, save and make this personal data available to anyone who wants it.
• The virus protection, the operating system and the browser should always be updated to the latest version. This closes any possible security holes and ensures that your virus defences are always up to date.
• A bit of scepticism about friend requests from unknown persons - who could be dealers in stolen data on the look-out for personal data which they can then sell on - is also a good idea.
• Do not respond to queries in which you are asked to reveal passwords, account numbers, PIN codes or other personal information, especially if you are threatened with having your account closed.
• Use complex passwords. Avoid readily accessible terms, names or dates of birth. Otherwise you run the risk of having your password guessed. Rather select a password combination of letters, numbers and special characters, which you won’t find in any dictionary.
• Use a different password for every community!