Social Networks is the first in a series of “Target” articles, discussing the various areas the cybercrime organizations are attacking. Unfortunately for computer users, our Internet environment is, as the military would say, “a target rich environment”. By social networking sites we refer to Facebook, Twitter, and LinkedIn.
As we’ve mentioned in the past, global cybercrime is organized and the organizations resemble a hybrid of a mafia and a large corporation. They are organized to steal money, but select their target markets and “products” (read malware) in a very business-like manner. Many of their decisions, tactics, and strategies over the last three or four years have been very similar to those I learned in graduate business school. And are very similar to those tactics and strategies followed by very large global corporations. We’re not dealing with bright teenage hackers here, this is big business…serious business, making serious money.
One of the strategies a large corporation will use is to evaluate it’s current and potential markets and products to determine which will be most lucrative, least risky, and their potential for growth. Cyber criminal organizations do the same thing. They choose markets that have the largest number of Internet users, with the greatest propensity to believe a phishing email or message and click on a malicious link. They choose malware that is successful in creating the largest revenue streams. They also track this revenue and have been known to stop using a malware that no longer produces at a high level; usually because the Internet security companies have developed a way to detect the malware and therefore its productivity falls off.
Social networks like Facebook, Twitter, and LinkedIn are targets for two main reasons. First, they have lots of users that can be accessed with a single phishing message and malware, in the case of Facebook, a billion users; and hundreds of million users in the others. Second, as part of their culture, social networking users have a high level of trust; and a below average knowledge of computer and Internet security best practices. Thus they are a perfect target for cybercriminal organizations to exploit.
Of course there’s nothing wrong with the use of social networking sites; they serve a very useful purpose—evident by their popularity and size.
However,users of these networks need to:
1. realize that they’re part of a criminal target;
2. become much less trustful and much more cynical in their use of them; and
3. learn how to protect themselves by using computer and Internet security best practices to increase their safety.
To learn more about this issue, see Internet Security and Social Networking with Facebook, LinkedIn, and Twitter.
Be very careful…it’s dangerous out there.
I hope you enjoyed this article; and if you’d like to receive an email when a new article is posted, please sign up for an email subscription on my home page. Don’t worry…I won’t give your email address to anyone…No One; I hate spam too. Please share my blog with your friends and family. I’m also on Twitter @PaulsInternet .
Images courtesy of FreeDigitalPhotos.net and FreeByte.com