The FBI has issued a press release warning that there has been an increase in the hijacking of social networking accounts. According to the Internet Crime Complaint Center (IC3), cyber-criminals have been hijacking accounts and sending out e-mail saying they are in legal or medical distress overseas and they need your help.
Also in the report is a warning over phishing attacks. Cyber-criminals send e-mails with an issue that needs your attention. When unsuspecting users click on the link provided, malware is downloaded to their system. Other scams include getting users to download applications or a video that carries an infected payload.
The FBI release is just another in a long list of reports on social networking threats that came out this year. RSA issued a report earlier this year indicating that phishing attacks were up 66 percent last year. Web-based threats jumped 63 percent during the month of April, according to Network Box, a managed security vendor. That report said the increase was due to the bad economy.
As security professionals, we need to be concerned and informed if our company is using any social networking sites as part of the business model. We know cyber-criminals can hijack accounts and e-mail customers on our behalf, which comes into play in our e-mail monitoring efforts. According to the FBI, you should warn your customers/users to do the following:
It is important to educate our users about the possible security risks and current issues they face. Remember, their issues are our issues. They are the weakest link in our security chain.