Social networking sites wish dramatically increased our vulnerability to cyber-crime, as McAfee demonstrated at its Focus 2010 discourse in Las Vegas this week.
Dave Marcus, director of security scrutiny and communications at McAfee, explained that typical mass-emailed spam attacks effect at a success rate of around one per cent.
This expedient that only one in 100 people are expected to click the poisoned links included in their emails. These links could download malware to the users computer, by the ultimate aim of making money for the cyber-criminal.
Marcus regular that criminals can vastly improve their success rate using open-beginning intelligence, which is publicly available data from social networking sites.
No code needs to be written. Cyber-criminals just use whats on the ~side there to own your machine and steal your data, he reported.
Marcus explained that in Web 2.0, people are openly sharing complaint in a non-solicited way, now with attached GPS data up~ the body Twitter, for example.
Social media tells me what people are talking almost now, not five minutes ago. Thats very powerful from a marketing vista and from anperspective. I need to know what youre raving about right now, because thats going to motivate you, he uttered.
Marcus demonstrated Twitscoop, a site which shows the most popular topics life discussed on Twitter in real time.
These topics become the building blocks for what we want to use to target people. You taint the information you send back to get them to do somebody you want them to do, he explained.
Once youve lay the ~ation of the hot topic to motivate people to click your link, the next step is to find the tool to distribute it. Twitter itself can be the distribution mechanism.
Attacks can even be specifically targeted to one individual, with little effort. Marcus showed how easy it is to exercise free site Twitterbot.
You enter the username of the user you destitution to monitor, click build and youve got a bot, he reported. Theres no way to knock it offline, theres ~t one central command or control.
Marcus then demonstrated how much notice can be found on an individual using only data that the bodily form has freely elected to share with the world, and the universes cyber-criminals.
Marcus picked on an individual at random from those tweeting closely allied the conference in Las Vegas and including GPS data with their tweets.
When we sudden motion looking and drilling into one individual, you quickly find out some awful lot. You can see the platform he uses, the stratagem and where he is. You can see the route he drives, and at which place he lives and works, and even where he buys coffee, he said.
Marcus explained that this information makes targeted phishing very easy on this account that all the information needed is made freely available across the internet. Its to a high degree, very simple to do, he added.
The message from the rigorous was clear be vigilant when protecting your personal information.