Social Networking Site Safety Questioned 73
An anonymous reader writes to mention a TechNewsWorld article about social networking sites. Researchers are finding these places are goldmines for social engineering exercises. Between worm attacks and simple human observation, sites like MySpace are the perfect place to obtain saleable personal information. From the article: "The danger is real, according to a study conducted by CA and the National Cyber Security Alliance (NCSA). In October, the alliance issued its first social networking study examining the link between specific online behaviors and the potential for becoming a victim of cybercrime. Despite all the publicity about sexual predators on sites like MySpace and FaceBook, the alliance took a different approach by measuring the potential for threats such as fraud, identity theft, computer spyware and viruses. Although 57 percent of people who use social networking sites admit to worrying about becoming a victim of cybercrime, they are still divulging information that may put them at risk, as Boyd suggested. Social networkers are also downloading unknown files from other people's profiles, and responding to unsolicited instant messages that could contain worms, the NCSA reported."
Fix the ohter end? (Score:3, Interesting)
all the best,
drew
the answer to this is so simple... (Score:5, Interesting)
One of our HR people just to prove a point attempted to look at my profile, and then sent me a friend request which I denied for that reason. Making a definitive wall between work and whatever it is that I do at home is very important.
of course (Score:2, Interesting)
Myspace, hi5, bebo, is just to name a few i see around here in job corps,
ever wonder why AOL Userers got the most phising emails, because most AOL users where morons
Nosey sites (Score:2, Interesting)
Ex-fricking-actly (Score:3, Interesting)
Of course, the only really reliable way of proving identity is some kind of private key crypto backed up by high-end biometrics (eg, retinal scan, or dna), and the odds of something like that being implemented are hilariously low, for about a million reasons.
At the very least there needs to be some sort of private ID that is used to verify the "public" id that you pass along to the credit companies and whatnot.
Re:it holds true for myspace (Score:3, Interesting)
Aren't your local White Pages more dangerous by default? I mean those are opt-OUT, while MySpace is opt-IN
On the other hand, (Score:5, Interesting)
Teach internet responsibility in school (Score:3, Interesting)
We need to teach the kids that not everyone on the internet is your friend. Not everyone on the internet is who they say they are. You can protect yourself from malware by using safe browsing behavior (don't click OK at every message that pops up, smiley face add-ons are not so smiley). Never give out personal information on the internet unless you are absolutely positive that the person you are giving it to is in fact who they say they are, and there is a legitimate reason for it. This means no SSN, phone number, credit card/bank numbers, address, etc.
Like I said earlier, when I was in school, all of this was not really a concern, so I'm not sure if schools are actually teaching this kind of stuff.
Re:On the other hand, (Score:2, Interesting)
I agree. I think there is a difference between caution and paranoia. As long as you aren't stupid, and don't make available information such as credit card numbers, social security numbers, and so forth, I don't see much wrong with posting basic demographics like age, sex, and even locations. It's the type of information that can be obtained by someone who wants it, anyways, and can potentially add to the sense of the online "community." I don't have a MySpace, but I do have a Facebook profile. I keep it private, but still recognize that the information in it, including cell phone numbers, AIM screennames, and pictures, are online and thus potentially available to an unauthorized party.
I'm sure my phone number, email address, and even postal address are circulating around without my knowledge offline. Putting it online may expose me to spammers, but hey, I've got a good email filter, I'm not afraid to hang up on people, and who really sends junk mail on paper anymore anyways? Besides, it's in the phone book. And I'm not too afraid of sexual predators--I don't fit the demographic, and I'm not stupid enough to meet some unknown person at a shady coffee shop either.
And my picture? Big deal, check last month's newspaper, because there's a photo of me. What I'm trying to illustrate is the availability of information about me away from the internet, and the futility of trying to protect basic information in the first place. If an attacker (social, sexual, political, or even a government assassin because I heard the wrong conversation somewhere) wants to learn about me, he can. There's risk everywhere, as the parent pointed out.
Re:In other news (Score:2, Interesting)
Nooooooooooow ya tell me!
Actually, I think, in a bit of irony, I caught this one from the UPS man the last time he handed me a crate of Kleenex through the basement window, 'cause I don't remember leaving home lately. I'll have to wear gloves and soak them in Vodka for a week before handling them next time.
In a bit of further irony today I had intended to be far away from anywhere with a net connection, or people, but I couldn't leave home, becasue I have the flu.
So here I am.
Lucky you.
KFG