View Full Version : How cybercriminals invade social networks, companies

03-04-2010, 12:30 PM
How cybercriminals invade social networks, companies

By Byron Acohido, USA TODAY

SAN FRANCISCO — "Hey Alice, look at the pics I took of us last weekend at the picnic. Bob"
That Facebook message, sent last fall between co-workers at a large U.S. financial firm, rang true enough. Alice had, in fact, attended a picnic with Bob, who mentioned the outing on his Facebook profile page.

So Alice clicked on the accompanying Web link, expecting to see Bob's photos. But the message had come from thieves who had hijacked Bob's Facebook account. And the link carried an infection. With a click of her mouse, Alice let the attackers usurp control of her Facebook account and company laptop. Later, they used Alice's company logon to slip deep inside the financial firm's network, where they roamed for weeks. They had managed to grab control of two servers, and were probing deeper, when they were detected.

Intrusions like this one — investigated by network infrastructure provider Terremark — can expose a company to theft of its most sensitive data. Such attacks illustrate a dramatic shift underway in the Internet underground. Cybercriminals are moving aggressively to take advantage of an unanticipated chink in corporate defenses: the use of social networks in workplace settings. They are taking tricks honed in the spamming world and adapting them to what's driving the growth of social networks: speed and openness of individuals communicating on the Internet.

"Social networks provide a rich repository of information cybercriminals can use to refine their phishing attacks," says Chris Day, Terremark's chief security architect.

This shift is gathering steam, tech security analysts say. One sign: The volume of spam and phishing scams — like the "LOL is this you?" viral messages sweeping through Twitter— more than doubled in the fourth quarter of 2009 compared with the same period in 2008, according to IBM's X-Force security research team. Such "phishing" lures — designed to trick you into clicking on an infectious Web link — are flooding e-mail inboxes, as well as social-network messages and postings, at unprecedented levels.

More at the link.

USA Today (http://www.usatoday.com/tech/news/computersecurity/2010-03-04-1Anetsecurity04_CV_N.htm)