When Remya, a Facebook user saw an application on her wall saying ‘Click here to check who viewed your profile’, curious, she clicked on the link.
An hour later she realised her account had being hacked after friends complained that she had posted malicious links on their Facebook walls. With Remya, her 250 friends also became victims of the malicious software.
With the growing popularity of social networking in India, perpetrators are increasingly using easy mediums such Facebook and Twitter for conducting illicit activities.
Facebook with around 12 million users in India has played host to a string of malicious attacks: ‘The last minutes of Osama Bin Laden’, ‘What are you doing in this video?’, ‘You know who just got a new iPad2 for no cost, etc. These are just a few of the recent malicious campaigns that hit the Facebook walls.
According to security experts, the reason for targeting Facebook is the burgeoning number of users, users age and their profile.
“Most spams or links have attractive headlines that make the user curious. Since Facebook does not provide a system to view the visitors of your profile, when an application appears on the Facebook wall its natural that you might click,” says Vinoo Thomas, technical product manager, McAfee Labs.
More From This Section
Apart from this, according to a report from Trend Micro, there was another attack on Facebook which claims to have the ability to verify the security of users’ accounts. It said, by clicking the link users can avoid Facebook spam. However, in reality, accessing the site is just another ploy to instigate the very same threat that the user wants to prevent.
Most social networking sites have two basic application types: Social plug-ins that allow the integration of basic features onto any website and canvas applications that interact with the profile and can send updated messages or open new pages. Another reason cited for increased attacks on Facebook is there easy access.
Some of these applications can access public information, profile information, access posts in the newsfeed, access photos and videos, access data any time. Also, an application can request off-line access privileges from a user. If they are granted, the application can access the user information at any time, regardless of whether the user is actually interacting with the application or even logged into the social networking sites,” Abhijit Limaye, Director, security response, Symantec said.
Twitter is another social media platform that is becoming the tool for cyber criminals. Every tweet in Twitter is restricted to 148 characters and this is becoming an advantage for criminals. Twitter is becoming a mass-medium for information circulation and most posts in Twitter uses shortened Uniform Resource Locator (URLs). Cyber criminals use this embedded URL as an easy tool, they follow you and learn your interests and post attacks with similar topics and a shortened link of malicious content. These links can make your computer a botnet.
Security experts recommend not to use unknown applications or URLs which can compromise your security. It is always better to take precautions than falling prey for somebody.
Recently, leveraging on global events, criminals are making more attacks on the recent events and it is expected to grow. Experts says users has to be cautious as they become more curious for gathering information, as criminals are defining various ploys to steal information.