Actions

  Print Article
  BookMark Article

Author Login    Author Login

Important
Existing members will have to use the lost password facility to get new username and new password

Welcome Guest! Please login or create an account.

Username:

Password:



If you do not have an account yet, you can register ( Here ), or you may retrieve a lost user/pass ( Here ).

Navigation    Navigation

   10 newest articles RSS

Author Highlights    Featured Author

Daryl Ledyards
cali

View My Bio & Articles


ANNALISA ARMITAGE
-

View My Bio & Articles


Gerry Des Pilcher
Pevensey

View My Bio & Articles


Other Websites    Websites of Interest

Social Networking Sites Needs To Have Security Tightened To Minimize Increasing Attacks From Cyber Criminals

Author : Apple Tan


Social websites have become the new breeding ground for malwares. The first is a Trojan called Asprox.N, delivered via email informing users their Facebook account is being used to distribute spam and that, for security reasons, the login credentials have been changed.
The email includes a fake Word document attachment, and upon opening the attachment, this file is really a Trojan that downloads another file designed to open all available ports, connecting to mail service providers in an attempt to spam as many users as possible. The second malware strain, Lolbot.Q, is distributed across instant messaging applications such as AIM or Yahoo!, with a message displaying a malicious link. Clicking the link downloads a worm designed to hijack Facebook accounts, blocking users' access while informing that the account has been suspended.

To "reactivate" their account, users are asked to complete a questionnaire, and after several questions, users are asked to subscribe and enter their cell phone number, which is in turn charged a fee of $11.60 per week. Victims can restore access to their Facebook account only once they subscribe to the service and receive a new password.
However a recent study indicates that users of social networking websites potentially put themselves at risks to hackers and identify thieves because they engage in risky behavior. According to research done by the National Cyber Security Alliance (NCSA) and software firm Computer Associates, 74 percent of user divulge personal information, including email addresses and birthdays. Some users even download unknown files; respond to unsolicited emails or instant messages, all of which may lead to identity theft or virus attacks. Adults who use social networking sites may be putting themselves and their businesses at risk as well the report suggests. Of those who have access to a computer at work, 46 percent engage in social networking at the office, potentially making the workplace vulnerable to online security threats.
What's more disturbing, security company Panda Labs has discovered an online service that promises to hack into Facebook accounts for $100. They claim they will provide "clients" with login and password information to access any account on the social network. In the case of celebrities or other well-known entities, they can be used to defame the account holder, spread information in their name, etc. In any event, this is criminal activity.
"The service's real purpose may be hacking Facebook accounts as they say, or profiting from those that want to try the service," says PandaLabs Technical Director Luis Corrons. "In any case, the Web page is very well designed. It is easy to contract the service and become either the victim of an online fraud, or a cyber-criminal and accomplice in identity theft. Once an intruder hacks into a Facebook account, all personal data published on the site can be stolen."
In order to stay safe and protect users from getting hacked, the popular social networking site Facebook is rolling out a new set of security features. Facebook, with over 500-million members, has added the ability for users to login and surf the site using a more secure encrypted connection, known as HTTPS. The encryption is the same used on shopping and banking websites to secure connections, and was previously used on Facebook when passwords are checked. It keeps malicious users from spying on your account and seeing your password, among other things. The new security option is available for some users now, but will be rolled out to everyone over the next few weeks, Facebook says. But to get the extra shield, users have to go into settings and turn it on.
These report findings clearly points out that data breaches are very common these days. One way to mitigate Internet security risks is through technical security training. EC-Council's brand new TakeDownCon is a technical information security conference series, in addition to learning from some of the best security experts, TakeDownCon also offers highly sought after technical training courses, including the Certified Ethical Hacker (CEH) course, often touted as the world's most comprehensive ethical hacking training program.
The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The Certified Ethical Hacker certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker.


Author's Resource Box

ABOUT EC-COUNCIL:
EC-Council is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous ethical hacking training, the Certified Ethical Hacker (CEH) course, Computer Hacking Forensics Investigator (CHFI) program, License Penetration Tester (LPT) program and various other technical security training programs offered in over 84 countries around the globe. TakeDownCon Dallas 2011, is one of the conferences of EC-Council’s Take Down information security conference series.


Article Source:
Articlebliss

Tags:   information security conference, technical security training, ethical hacking training

Author RSS Feed   Author RSS Feed     Category RSS Feed   Category RSS Feed


 

  Rate This Article
Badly Written Offensive Content Spam
Bad Author Links Mis-spellings Bad Formatting
Bad Author Photo Good Article!
 

 

 

 

Submitted : 2011-04-22    Word Count : 845    Times Viewed: 363