Social networking sites are websites designed for human interaction like enable users to meet each others, keep in touch with them, share experiences, feelings and opinions. All Social Networks built on a similar foundation; the user builds a network of contacts bound by an element of trust.
The user creates content for his/her friends and accesses the content they have created. This content can include different things such as holiday pictures, interesting links, latest news, opinions, comments, mood updates and much other information. These information are treasure for Attackers and Criminals.
Social networking sites provide a lot of advantages for users and companies. Users can reestablish contact with old school friends, find activity or even life partners, create art and make new friends. Companies can build their brand, get valuable information about what customers really think, fix problems as they arise and many other value-adding activities.
2. THE DANGER OF SOCIAL NETWORKS
Social networking sites can also be a source of personal information leaks; they can become a malware attack vector when not used cautiously. Users trust their contacts to not send bad links, not trying to infect their computers and take good care of their personal data. URL shorteners are also a security concern and should be taken very seriously.
There are problems in social networking sites from legal point of view such as violation user’s data protection rights, identity fraud, absence of uniform rule at the international level. Social networks contain a wealth of personal data and information and some of that information would not be valuable by itself but having a clear picture of everything about a person can give criminals and attackers ideas and information required to perform other attacks such as credit card fraud or identity theft. Underground forums sell personal information so your data can be mined and stored somewhere in the dark corners of the Internet waiting for a criminal to pay the right price for it. Criminals and attackers can use this information to obtain birth certificates/passports/other documentation and fake real-life identities.
Attackers create large network contacts using different methods such as: Creating a fake celebrity profile and allowing people to add them to their contact lists, creating a female profile and publishing a pretty picture of “herself” then letting people add him/her to their lists, creating a duplicate of somebody’s profile and re-inviting all of their friends, creating a profile and adding themselves to a medium-sized group or community and inviting a number of members of the group (universities, schools, etc.) then joining a second group and starting again.
A lot of social network users do not realize that their contact lists really is a circle of trust and by adding somebody they
do not know they are opening their data to untrusted parties.
Some social network sites do not have privacy controls in place, or the ones they have do not protect all user data. Social networking sites keep adding to their security controls and refining their existing ones but as in any development project, they also continue to innovate on their platforms and add exciting new features, these new options need to keep
up with the security features or they too will suffer from security weaknesses, this is a cat-and-mouse game where the privacy and data security of the users are at stake.
3. Summary
Social networking sites enhance our life, we cannot count the advantages that we could get if we use them in a good manner, but at the same time Social networking site could be a main security threat if we do not have the awareness to use them in a safety way.
There are some simple steps and points that we should consider to protect our lives in social networks such as:
1. Keep your information as general as possible.
2. Read the privacy policy of social networking sites.
3.Do not add people that you do not Know or trust.
4. If you are using social networks to meet new people you should create a special account for that.
5. Do not click any unknown or suspicious hyperlinks.
6. Remember any data that you publish in the Internet it will be there forever and anyone could use and share them.
REFERENCES
[1]http://www.hausarbeiten.de/faecher/vorschau/147360.html
[2]http://us.trendmicro.com/us/trendwatch/current-threat-activity/undergroundeconomy/index.html
[3]http://www.w3.org/2008/09/msnws/papers/NETWORKS_LEGAL_PROBLEMS.PDF