Social Networking Websites Becoming Hackers’ Favorite Targets

Mikko Hypponen, Chief Research Officer at F-Secure, states that widely-used social networking websites like Twitter, LinkedIn and Facebook are currently the key targets of cyber criminals, as reported by Guardian on November 29, 2009.

Given that cyber criminals are continuously attacking social networks across the globe, these people seem to steal profiles of the site members and then e-mail to all the contacts in their accounts with a web-link as well as a caption such as "check this out." The recipients, who believe the e-mail is sent by someone known, open the link which leads to the theft of their personal information, said Hypponen.

Hypponen also said that he didn't use Facebook, and people thought a single phishing couldn't churn money from Facebook but that wasn't the case with Internet crooks. According to the researcher, all such phishing attacks against Facebook are just the beginning, as reported by Telegraph on November 29, 2009.

He felt perplexed at the manner in which people performed Internet banking on websites whose domain names had the common suffixes like .uk or .com since it helped cyber criminals to create effective although fake websites almost daily, said Hypponen.

According to him, websites, which appeared authentic because of their URLs' suffixes, were actually under criminals' control. Their names were misleading as they only resembled the actual banking sites, while their domain registration cost merely £3 and use false contact details. Fraudsters subsequently sent consumers a number of spoofed or phishing e-mails, enticing them to visit the websites that eventually seized their financial details.

Meanwhile, damage from the malware spreading through social-networking websites is tenfold than damage from e-mail-borne malware.

Believing that enough seriousness isn't still being given to tackle cyber crime, Hypponen has asked the Internet Corporation for Assigned Names and Numbers (ICANN) that registers high-profile domain names, for establishing a special domain costing £30,000 that would effectively eliminate imitations. This comes after ICANN has recently decided to permit non-Latin characters in URLs, which some security specialists think might increase the number of phishing attacks.

Related article: SoCal Computer Hack Traces to Watsonville

» SPAMfighter News - 12/5/2009