Avoiding Twitter hacks, Koobface, and other security holes

Marcus says the soaring popularity of Twitter and Facebook, now the top social networking site on the Web (it long ago surpassed MySpace), is candy to hackers, who can now cause more damage with less effort.

“That huge amount of traffic solves a big problem the bad guys have always had, which is how to get the malware to you,” Marcus says. “There’s a big onus on the bad guy to take advantage of a high-traffic site.”

The prospect of more high-profile viral attacks, of course, is widely seen as problematic for Facebook, a media giant that has recently jostled with Google for media market dominance. (Facebook did not respond to repeated requests for comment.)

Adam Ostrow, the editor in chief of Mashable, a leading technology blog, recalled that a couple of years ago, MySpace began to suffer from an overload of spam, which clogged users’ mailboxes and comments sections.

“In some sense,” Mr. Ostrow says, “that contributed to [MySpace’s] relative decline. It’s something Facebook needs to work hard to address. They’ve done a decent job, but it’s hard to really educate mainstream users about what these scams are all about.”

In an e-mail message, a spokesman for MySpace says that spam has significantly decreased over the past year and that the networks takes a “holistic approach to providing users with a safe and secure experience.”

Bebo, which was recently bought by AOL, issued a statement urging users to take care when opening suspicious messages. Viruses, the statement read, “can be combated by adhering to a number of simple checks,” including contacting the sender of the message in question.

Marcus says that social network administrators won’t be able to prevent another attack, because viruses typically exist on users’ machines, and not in the networks themselves. Still, he suggested a handful of precautions all users should follow: run regular antivirus scans; invest in prepackaged security suites marketed by companies such as Symantec, McAfee Avert, and Panda; pay attention to site advisories, and track reports of new viruses.

“It comes down to reading,” he says. “I always read the subject line of the e-mail. In many cases, that’ll give you something – sometimes, they just look wrong.”

But things may get much worse before they get any better. Sherstobitoff, of Panda USA, says his company sees approximately 10,000 pieces of malware a day, each one “totally unique and different.” As hackers take aim at the fat target of social networks, users may find themselves under electronic siege.

“It’s an emerging threat,” Sherstobitoff says, “and it’s only going to get worse. We need to bring it to light.”

Previous

1 | 2