Tag Archives: MalwareCity

BitDefender Study – Your Facebook and Twitter Link Clicking Habits Suck!

imageEarlier this month, I wrote an article Twitter, Tweets, Cyber-Criminals And You, in which I set out the potential security pitfalls associated with Facebook and Twitter, and described the type of wonky security behavior (based on personal anecdotal evidence), generally demonstrated by social networking users.

Realistically, one of the problems in using anecdotal evidence is – while the conclusion may be true, (in this case it is true), it doesn’t always follow directly from the evidence.

A few days ago, when BitDefender passed along the results of its new study on Facebook and Twitter users’ link clicking habits, which revealed that 97% of respondents will click on links shared within social networks without checking them for malware, which confirmed my anecdotal evidence, I must admit, I got that “Cheshire Cat” grin.

A quick overview of the test methodology:

BitDefender created Facebook and Twitter test profiles and built a circle of 1,900 friends interested in reading about the latest news from various domains covering an assortment of hot topics such as accidents, security news, entertainment industry news, and scientific discoveries.

In the span of one week, three URLs leading to malware were shortened and modified to make the malicious pages unavailable and harmless, then sent out to the list of friends.

Despite countless awareness campaigns aimed at  warning users about the possible dangers behind shortened links, ninety-seven percent of the test profile’s friends admitted to clicking the bad links.

More details on this study are available at MalwareCity.com

I’m by no means a luddite when it comes to social networking sites; quite the opposite in fact. On balance, social networking is a good thing – it’s opened new doorways of opportunity to stay connected.

But here’s the rub – with those positive opportunities, comes a new set of opportunities for cyber-criminals. So now, more than ever,  social network users need to be aware of the risks. And, quite obviously, reassess their link clicking practices.

If you are a Facebook user, you can you can increase your safety margin by using the free BitDefender safego application designed to keep social network accounts from being exposed to malware, and spam.

Update: Cosme, brought to my attention that there is a Firefox add-on designed to expand shortened URLs – Xpnd.it!

From the Mozilla site: Automagicallly expand and analyze any tiny URL so to avoid clicking on potentially harmful, malicious links! It supports more than 500 services and it is very fast, thanks to local caching plus three layers of remote caching on the server-side. Download here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

4 Comments

Filed under BitDefender, cybercrime, Don't Get Scammed, Don't Get Hacked, FaceBook, Internet Safety, Online Safety, Reports, social networking, Social Networks, Twitter, Windows Tips and Tools

Screwed On A Social Network? – Who’s Fault Is It Really?

Not a day goes by, it seems, when Facebook and the opportunities it presents for cyber criminal activity, isn’t in the News. Not mainstream News, of course, since cyber crime rarely involves sex, or violence.

Mainstream media, where salacious and violent news reports rule the airwaves, determined, it seems to me, it had nothing to gain by advising you of the following, very unsexy, non violent, Facebook threats – all from this week incidentally.

‘LOL is this you?’ spam spreading via Facebook chat

Facebook scam: “I may never text again after reading this”

How to Spot Facebook Scams Like ‘Dislike’

Facebook Fires Back at ACLU’s Criticism of ‘Places’

Facebook Warns of Clickjacking Scam

But, throw Facebook and sex into the equation, and mainstream media are out of the gate as if shot from a cannon.

The discovery, that a pedophile ring which used Facebook as their communication channel had been broken up, and the perpetrators arrested, made headlines around the world, just yesterday.

And why not? This is the kind of news event that allows the media to exhibit their moral outrage and indignation. But, when it comes to occurrences that can effect you, if you are a Facebook subscriber, for example – no outrage; no moral indignation. Curious, no?

Maybe I’m missing something here. Could it be that there’s consensus, in the mainstream media community, that Facebook users who become victims of cyber criminals are getting exactly what they deserve?

At one time, I gave the benefit of the doubt to Facebook users, since most typical computer users (I believed), made assumptions that sites like Facebook, and other social networking sites, were essentially safe, and harmless – that Facebook, and others, were looking out for their users interests.

I’ve long since given up on this rather naive view of Facebook users lack of culpability in any harm they were exposed to though. I find it difficult to be supportive of people who throw common sense out the window, and behave irrationally on the Internet.

Despite my hardened view that Facebook users who fall victim to cyber criminals are not entirely innocent, I was still taken aback by the results of a  study conducted, and just released, by BitDefender.

For study purposes, BitDefender asked the participants to “friend” a test profile of an unknown, attractive young woman.

Selected stats from the study:

More than 86 percent of the users who accepted the test-profile’s friend request work in the IT industry, of which 31 percent work in IT Security.

The most frequent reason for accepting the test profile’s friend request was her “lovely face” (53 percent).

After a half an hour conversation, 10 percent disclosed personal sensitive information, such as: address, phone number, mother’s and father’s name, etc — information usually requested as answers to password recovery questions.

Two hours later, 73 percent siphoned what appears to be confidential information from their workplace, such as future strategies, plans, as well as unreleased technologies/software.

Study methodology:

The study sample group included 2,000 users from all over the world registered on one of the most popular social networks. These users were randomly chosen in order to cover different aspects: sex (1,000 females, 1,000 males), age (the sample ranged from 17 to 65 years with a mean age of 27.3 years), professional affiliation, interests etc.

In the first step, the users were only requested to add the unknown test profile as their friend, while in the second step several conversations with randomly selected users aimed to determine what kind of details they would disclose.

Additional details on this study are available here (PDF), as well as on the MalwareCity blog post.

Given the state of the current, and increasing cyber criminal activity on the Internet, it’s almost certain that exposure to cybercrime on Facebook will continue to escalate, and with it, the dangers that this presents. Given the type of behavior reveled in this study, cyber criminals are sure to have a field day.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

10 Comments

Filed under BitDefender, cybercrime, Don't Get Scammed, Don't Get Hacked, FaceBook, Interconnectivity, Online Safety, Point of View, Privacy, Safe Surfing, social networking, Windows Tips and Tools