« Back to article | Print this article |
Abhay Bhargav on how hackers obtain your confidential data using social network website and how you can stay safe while networking with friends.
Most people are hooked to Social Networking sites like Facebook, Orkut or Twitter and use it diligently on a regular basis.
What if I told you that the same social networks could be used for stealing personal data on your computer and launching multiple attacks against your computer?
These are all active possibilities and they happen every day.
There are millions of people all over the world accessing social networks like facebook. They spend hours networking with friends, commenting on status messages and posts, watching videos that their friends and family put up, playing games and much more.
There is a trust relationship with users of social networking sites.
For instance, if your friend posted a link on his/her facebook profile, you wouldn't think twice before clicking it because you trust that person in real life and your trust relationship transcends to the virtual world as well.
Attackers use this trust relationship to trigger chain attacks that start off at one point and end up compromising several thousands of users of the social networking site.
Click NEXT to read more
The author is chief technology officer, we45 Solutions India Pvt. Ltd. http://www.we45.com).
Check out: The all new Gadgets and Gaming page
Reader invite
Are you a gadget/gaming wizard? Would you like to write on gadgets, gaming, the Internet, software technologies, OSs and the works for us? Send us a sample of your writing to gadgetsandgaming@rediffmail.com with the subject as 'I'm a tech wizard' and we will get in touch with you.
One of the most popular creations on social networking sites like Facebook is the use of 'apps'. Apps or applications are programmes written by third party developers for Facebook users for them to use and spread among their friends.
An app can be anything from a game like Farmville (a game simulating life on a farm) to a quiz on the latest Bollywood movies that you can take and challenge your friends with your score.
Attackers today use these apps to spread malicious code.
For instance, let us assume that your friend has sent you a request to join him/her on an app, which you need to enroll for. You enroll for the app and the app is installed on your facebook profile.
You open the app, and without your knowledge, certain scripts are executed and malicious software is downloaded into your computer compromising it entirely.
The attacker now controls your computer. This app might have propagated across the social network, where unsuspecting users view it as a fun application to play with, not knowing that they have just handed over the keys to their computer and the sensitive data contained within.
Another type of common attack on social networks is 'Quiz-Based Information Gathering'.
It is common knowledge that if you forget your password to your email or social network or another website, you need to answer certain password questions like 'What is your mother's maiden name?' or 'What was the name of your class teacher in High School?' to regain access to your account on that website.
Attackers write social networking applications disguised as quiz programmes to obtain this information. They call it thinks like 'Personality Quiz' or equivalent and obtain sensitive details that are commonly used as password questions on popular websites like Facebook, Gmail, Yahoo!, etc where you have your email address.
Once the attacker obtains this information, he/she can use these password answers and login as the user to their email accounts, banking accounts and other accounts that you use on the Internet.
Here's how you can stay safe on social networks