Safety in Social Networking Brandon Cain, Data Security Coordinator
Overview • Welcome & Introductions • What are Social Networking Sites? • Popular Trends in Social Networking • Social Networking Issues • Tips for Social Networking Safety • Online Safety Resources • Questions & Answers
What are Social Networking Sites? Social networking sites, or “friend-of-a-friend” sites: • Build upon the concept of traditional social networks • Allow you to connect to new people through people you already know • Allow you to establish friendships, relationships or business contacts Although some features of particular sites may vary, most: • Allow you to provide information about yourself • Offer you a communications mechanism (forums, chat rooms, email, instant messenger) to connect to others • Allow you to search for people based on certain criteria, or will “introduce” you to new people • Have online communities or subgroups based on your particular interests, or the interests of others
What are Social Networking Sites? • The main types of social networking sites are those that contain: • Category divisions (former classmates) • A means to connect with other people • A recommendation system based on trust • The most widely used sites in North America: • Facebook • Twitter • MySpace • LinkedIn • YouTube • Other popular sites used globally include: • Windows Live Space, Xanga, Friendster, Nexopia, Bebo, Hi5, Multiply, StudioVZ, Tagged, Badoo, Orkut, Mixi, and Skyrock
Popular Trends in Social Networking As the increase in popularity of social networking is on a constant rise, new uses for the technology are constantly being observed. • College students • Social networking between businesses • Major uses for businesses and social media: • To create brand awareness • As an online reputation management tool • For recruiting • To learn about new technologies and competitors • As a leading tool to intercept potential prospects • Social networks in the science communities • Social networks used by teachers and students as a communication tool Ning.com is a site that allows you to create your own social networking site to fit your own niche group.
Social Networking Issues The most prominent issues surrounding social networking sites are: • Privacy • Disclosing too much personal information • Data/Identity theft • Viruses • Potential for misuse • Bullying • Falsifying personal information • Social engineering • Risks to child safety • Sexual predators • Security Implications • When deciding how much information to reveal on social networking sites, people may not exercise the same amount of caution as they would when meeting someone in person because: • the Internet provides a sense of anonymity • the lack of physical interaction provides a false sense of security • they tailor the information for their friends to read, forgetting that others may see it • they want to offer insights to impress potential friends or associates
Social Networking Issues Koobface: • A computer worm that targets users of social networking sites • Attempts to gather victim sensitive information: credit card numbers, passwords, etc. • Spreads by delivering messages to “friends” of people with innocuous subject headers (e.g., “My friend caught you on camera”) • Provides a link to a 3rd party site where victims are prompted to download and update to Adobe Flash Player • If downloaded, Koobface commandeers surfing activities directed at infected sites • Among the components is a proxy tool that allows attackers to abuse the infected PC *Windows operating systems are currently the only ones affected by these worms
Social Networking Issues Hoaxes and phishing attacks: • Facebook deleting inactive users hoax • A bogus warning states that Facebook is becoming overpopulated, and inactive users will soon be deleted; the message instructs users to copy/paste the message and send it to all of their “friends” in order to prove their active status. • MySpace Photobucket virus warning • A bogus message warns that a “virus” is circulating via MySpace that can compromise a user’s Photobucket account, delete account content and post nude images to his/her friends list. • This attack provides a link in a bogus comment to a fake Web page designed to mirror the MySpace homepage; users who attempt to login through this bogus page relinquish their legitimate login details to attackers.
Tips for Social Networking Safety How can you protect yourself? • Limit the amount of personal information you post. • Remember that the Internet is a public resource. • Be wary of strangers and skeptical of content. • Don’t always trust that a message is from who it says it’s from. • Use caution when clicking links. • Verify the identity of the site or sender. • Use an updated browser. • Protect your PC before you download anything. • Update your OS automatically. • Use anti-virus and anti-spyware detection software. • Use a personal firewall.
Tips for Social Networking Safety How can you protect yourself? • Evaluate your settings to restrict access. • Do not allow social networking sites to scan your email address book. • Directly enter the address of your social networking site into your browser. • Be careful when using extras on your site. • Use strong passwords. • Check privacy policies and choose carefully. • Stay abreast of the latest tricks, scams, and hoaxes. • http://mashable.com/ - The Social Media Guide • http://www.hoax-slayer.com/ - debunking email hoaxes and Internet scams • http://garwarner.blogspot.com/ - UABs Gary Warner blogs on cyber crime
Online Safety Resources To learn more about staying safe online, or to report social networking safety issues, visit the following organizations: • Federal Trade Commission — www.OnGuardOnline.gov • GetNetWise — www.getnetwise.org • Internet Keep Safe Coalition — www.iKeepSafe.org • i-SAFE — www.i-safe.org • National Center for Missing and Exploited Children — www.missingkids.com; www.netsmartz.org • National Crime Prevention Council — www.ncpc.org; www.mcgruff.org • National Cyber Security Alliance — www.staysafeonline.org • Staysafe — www.staysafe.org • Wired Safety — www.wiredsafety.org