/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsBANGALORE, INDIA: As the popularity of social networking sites grow with internet users, cyber attacks today are more concentrated on these sites resulting in increasing loss of personal and even banking details to cyber goons.
In an interview with CIOL, Shantanu Ghosh, vice president, India Product Operations, Symantec, discusses the different kinds of attacks happening on the social network sites and ways to prevent oneself from cyber attacks. Excerpts:
CIOL: What are the popular ways that spammers have leveraged on social networking sites to target victims?
Shantanu Ghosh: Spammers have leveraged social network in many ways to send spam. One of the popular methods is fake invitations which usually contains a link that redirects to spam website. This vector targets all users, regardless of whether they have an account or not.
Other popular methods being sending spoofed ‘Merge account’ notification, fake photo tag/comment messages, third party applications, and delivering notifications to spread malware. In one example, spammers sent messages prompting users to download a social networks toolbar, which was actually a Trojan.
Also read: Hacking smart phones is easy: experts
CIOL: Has Symantec come across any new techniques used by cyber criminals targeting social networking site users?
SG: Symantec, recently, witnessed an instance of botmasters tweeting their commands to zombie computers, through smart phones. Symantec has detected a new Trojan botnet creator tool, called “TwitterNet Builder”. The threat, called Trojan.Twebot, uses a Twitter account to issue instructions to the Trojans created by the builder. When building Trojan.Twebot, the user is able to supply a public Twitter account for Trojan. Twebot to follow. Because Trojan Twebot does not try to obfuscate commands on Twitter, it will not be difficult for Twitter security staff to find and close accounts abusing their service in this way.
Cyber criminals are also leveraging social networking sites to drop Trojans into unsuspecting users’ systems. For example, spam emails such as the one on the left have been doing the rounds on the Internet hoping to lure recipients into downloading a Facebook toolbar.
Also read: The real social network is at our fingertips
CIOL: What are the new things that cyber criminals look at when attacking users other than passwords or email addresses?
SG: Apart from passwords and email IDs, cyber criminals could be looking at tricking users into revealing their credit card information with tempting offers — ranging from discounted goods to attractive job options”. They could also look at fooling victims into parting with their money to purchase counterfeit/ineffective products.
Since social networking sites are trusted environments, they have also become a playground for cyber criminals to carry out social engineering attacks. More and more, attackers are going directly after the end user and attempting to trick them into downloading malware or divulging sensitive information under the auspice that they are doing something perfectly innocent.
CIOL: A year has passed since Koobface was first detected; yet it's still active. What is Symantec doing in this regard?
SG: The Koobface worm infects users by using social engineering attacks. It spreads by abusing social networking websites or by employing search engine optimization techniques to lure potential victims to malicious sites.
Symantec security products are designed to remove malware such as Koobface by disabling system restore (Windows Me/XP), updating virus definitions, running a full system scan and deleting any values added to the registry.
Symantec is also constantly monitoring the internet threat landscape for outbreaks of Koobface and other malware through the Global Intelligence Network, which includes researchers throughout the world collecting information about online fraud, malicious code and security risks, analyzing them to figure out how they work, and then developing real time updates to the Symantec products that protect computers at homes and in workplaces around the world.
CIOL: What are the simple steps a user can take to check a malicious mail?
SG: One of the ways to check malicious mail is to unsubscribe from legitimate mailings that you no longer want to receive. When signing up to receive mail, verify what additional items you are opting for at the same time. De-select items you do not want to receive.
Further, one should avoid publishing email address on the Internet and delete all spams regularly. One should avoid clicking on suspicious links in emails or IM messages as these may be links to spoofed websites. When visiting a website it's better to type the web addresses directly into the browser rather than relying upon links within messages.