Beware of cyber-criminals on social networking sites

30th July 2009, Comments 0 comments

More cyber-criminals are using personal data posted on Facebook, MySpace and other social networking sites to steal bank account data, warn experts.

Valencia – Facebook, MySpace and other social networking sites are increasingly being targeted by cyber-criminals drawn to the wealth of personal information supplied by users, experts warn.

Data posted on the sites – name, date of birth, address, job details, email and phone numbers – is a windfall for hackers, participants at Campus Party, one of the world's biggest gatherings of Internet enthusiasts, said.

A vicious virus Koobface – "koob" being "book" in reverse – has affected thousands Facebook and Twitter users since August 2008, said Asier Martinez, a security specialist at global IT solutions provider Panda Security.

"Its spread has been very significant and it has been detected in 4,000 different variants," he told AFP at the week-long event which wraps up Sunday in Valencia in eastern Spain.

The virus hijacks the accounts of social networking site users and sends messages steering friends to hostile sites containing malware, a malicious software often designed to infiltrate a computer system for illicit purposes.

In one of its variants, Koobface sends the victim a warning that its Flash player is outdated along with an invitation to download a new version, which is in fact the virus.

Malware can be used to steal bank account data or credit card information once installed on a personal computer.

Facebook has sought to resist attacks by Koobface and similar viruses by blocking links to hostile sites and shutting down accounts from users that show signs of infection, such as sending too many messages.

"You also must be very careful with people who ask to join your friends list," said Laura Garcia, who writes a popular blog about Internet security, adding that hackers often sent requests.

Another danger of social networking sites are the popular quizzes, horoscopes and games made available for free to users which can sometimes be used to hide links to hostile sites, she added.

Birthday greetings and well as messages sent at Christmas and other holidays may also appear to come from friends when in fact they are linked directly to sites that try to convince would-be victims to reveal personal information like passwords or bank numbers, said Martinez.

The vulnerability of social networking sites was underscored in a study by security company Sophos made public earlier in July.

It found that about half of all companies in the United States block some or all access to them due to concerns about cyber incursions via the sites.

Facebook says that less than one percent of its users have been affected by a security issue, such as a virus, since the site opened in 2004.

Garcia said the number of viruses detected in recent years has exploded while the profile of cyber-criminals has changed.

"Before it was very savvy teenagers who wanted to show off their computer skills. Now you don't really need to know much about information technology to be a hacker, all the tools have already been created," she said.

Real cyber-crime mafias have now taken over, especially in Russia, China Brazil and the Ukraine whose goals are purely economic gain, she said, underscoring that hacking could be highly lucrative.

For an initial investment of USD 1,500 (EUR 1,050, CHF 1,630) for Mpack, a programme created to infect web pages, hackers can obtain a profit of between USD 21,000 and USD 847,000 in just one month, Martinez said.

Around 6,000 people are expected to attend the Campus Party in Valencia, which unites participants from all over the world to share ideas, experiences and all types of activities related to computers, communications and new technology.

The annual event began in Spain in 1997 and editions of the event have since been held in Brazil and Colombia.

AFP / Expatica

0 Comments To This Article