Websense CTO Dan Hubbard outlines four ways companies can protect their information from threats and compromise on the social Web.
1) Most Web Posts on Blogs and Forums are Actually Unwanted Content (Spam and Malware)
As more and more people interact with each other on sites allowing user-generated content, such as blogs, forums and chat rooms, spammers and
cybercriminals have taken note and abuse this ability to spread spam, post links back to their wares and direct users to malicious sites. Websense
research shows that 85 percent of all Web posts on blogs and forums are unwanted content — spam and malware — and five percent are
actually malware, fraud and phishing attacks. An average active blog gets between 8,000 and 10,000 links posted per month; so users must be wary of
clicking on links in these sites.
Additionally, just because a site is reputable, doesn’t mean its safe. Blogs and message boards belonging to Sony Pictures, Digg, Google, YouTube
and Washington State University have all hosted malicious comment spam recently, and My.BarackObama.com was infected with malicious
More on CIO.com
Web 2.0 Definition and Solutions
Can Social Networking Be Secure at Work?
How to Use Social Networking Safely: Tips From Security Pros
2) The Top Search Results from Google are Safe, Right?
Search engine poisoning is growing in popularity
and used by cybercriminals to boost links to Web sites with malicious code or spam, up in the search rankings. Many users assume that the top results are
“safe” but really they are directed to infected Web sites. For example in March, basketball fans who typed “March Madness” into their Google search bar
and clicked on many of the top ranking links were actually led to Web sites infected with “rogue antivirus” software (see number 3).
3) You’re Really NOT Infected; Be Careful Before You Download That
In the past year Cybercriminals have increasingly used what’s known as “rogue antivirus” to get information like credit card numbers and other private
information from Web users. Typically, rogue antivirus authors use search engine poisoning to drive traffic to sites they own or have infected (as noted
above). Often they post links on blogs and forums that link back to a malicious site under their control. When a user visits these Web sites, a window
pops up warning them that their computer has been infected with malware. The user is prompted to pay money and download an “antivirus” software
program to clean their system. In reality, the attackers have tricked the user into disclosing their credit card information to pay for the fake software as well
as successfully installed malware on the user’s machine. One example is the well-publicized Conficker worm that infected millions of computers around the
world. Some users with the Conficker worm observed a file downloaded onto their machine. Upon running the file, the user was asked to pay $49.95 to
remove the “detected threat.”
The Anti-Phishing Working Group
recently published some interesting statistics showing that the numbers of rogue antivirus programs rose 225 percent from July 2008 to December 2008,
more than tripling the number of detected rogue programs from its July level.
Rogue antivirus attacks play on the fears of Web users and are a ploy for money, when in fact the computer user has not been infected, nor do they
need to install an antivirus program.
4) Sadly, You Really Can’t Trust Your Friends or Your Social Network
As a tweet from the Websense Security Labs recently stated, “Web threats delivered via your personal Web 2.0 social network is the new black
— do not automatically trust suspicious messages from friends.” The social networking explosion has created new ways of delivering threats.
Web users are so accustomed to receiving tweets with shortened URLs, video links posted to their Facebook pages and email messages purportedly
from the social networking sites themselves that most people don’t even hesitate to click on a link because they trust the sender.
The unfortunate reality is that criminals are taking advantage of that trust to disseminate malware and links to infected Web sites. Websense Security
Labs recently found examples of e-mails sent from what appeared to be Facebook, but were really from criminals that encouraged users to click on a link
to a “video” that was actually a page infected with malware.
Dan Hubbard is chief technology officer for Websense. He leads the global Websense Security
Labs team that researches and analyzes emerging Internet security threats and trends. Hubbard graduated with a BSc in information and decision systems
from Capilano College in Vancouver, Canada.
Follow everything from CIO.com on Twitter @CIOonline