Here's what social networking looks like on the dark side: one in
100 tweets today are malicious, and one in 60 Facebook posts are as
well.
Facebook users are the least confident in social network security,
with 40 percent confessing they feel unsafe on Facebook, while 28
percent feel that way about Twitter, and 14 percent on LinkedIn.
But that doesn't mean LinkedIn won't eventually become a big target
for cybercrime: "When you look at the actual damage that could be
done to a business" by hackers targeting LinkedIn accounts, it's
high for business disruption and employee misinformation, for
example, says Daniel Peck, senior research scientist with Barracuda
Labs, who at HackerHalted in Miami shared Barracuda's latest data
on malicious activity on Twitter, Facebook, and on search
engines.
According to new Barracuda survey data of social media users,
LinkedIn is the least-blocked social network by enterprises, with
only 20 percent of organizations preventing their employees from
using LinkedIn from work. That in contrast to Twitter (25 percent);
Google+ (24 percent); and Facebook (31 percent).
Peck predicts that LinkedIn definitely will be a target for
badness. "I think there will be a lot of social attacks there," he
says.
Interestingly, most users say the important factors to consider
when joining a social network are security (92 percent), that their
friends use it (91 percent), privacy (90 percent), and ease of use
(87 percent). More than 90 percent have received spam over a social
network, and more than half have experienced phishing attacks. More
than 20 percent have received malware, 16.6 have had their account
used for spamming, and about 13 percent have had their account
hijacked or their password stolen. More than half are unhappy with
Facebook's privacy controls.
Meanwhile, Barracuda counted 43 percent of Twitter accounts as
"true users" with real followers and regular tweets, and 57 percent
as "not true users" -- either spam bots or inactive accounts.
Attackers abuse Twitter in much the same way that they engage in
search-engine poisoning, according to Peck, casting a wide net and
hoping to get more eyeballs. "Facebook manipulates trust more
– your Friends are people you make eye contact with," he
says.
"Facebook is less likely to get hit by a driveby download or to
exploit your browser. Twitter is more likely" to get hit that way,
he says. "A Facebook [attack] is more likely going after your data,
or pushing an affiliate scam sort of thing."
The good news about Facebook abuse, Peck says, is that it's become
high-profile enough that word gets out faster when a scam hits. A
prime example was this week, when a "Starbucks' anniversary" scam
began to spread. "So Starbucks Corporate put out on Twitter that it
was a Facebook scam and was not real," Peck says. "This is getting
big enough that the big companies are starting to notice the
scams."
Barracuda also measures search malware on Google, Bing, Twitter,
and Yahoo over a 153-day period and found 34,627 malware samples,
with one in 1,000 search results leading to malware. And one in
five search topics lead to malware, with "music + video" containing
the most malicious links.
Source:
DarkReading