With the ever-growing popularity of social networking sites like Facebook and Twitter, it was inevitable that hackers would devise ways to exploit the sites’ numerous users in order to infect their computers. The malware they spread is designed to do a number of things to your computer, ranging from identity theft to turning it into a remotely controlled machine which they will “lease” for others to use.
Without up-to-date anti-virus and malware protection programs installed, social networking users can easily become prey to these ever-resourceful attacks. While no computer is really safe, the best way to avoid becoming a victim yourself is to know what is out there and the type of things you should avoid, or at least be wary of. The following are some of the best practices you should use on Facebook, Twitter and other social networking sites (such as MySpace, Bebo etc.).
Avoid Malicious Links
The easiest way for a hacker to infect your machine is for you to do the work for him. Hackers arrange this by posting malicious links to Twitter or your Facebook wall for you to click. In the past, these links were fairly easily identified as they had a phrase, followed by a URL (link). However, security researchers at Kaspersky Lab are telling us that these easy-to-identify messages are not so common any more. It is much harder to spot malicious links thanks to two newer methods that are described below:
Method 1: Hijacking Twitter’s Trending Topics
This first technique started to become popular in August of this year. It involves the hackers creating new Twitter accounts and then posting tweets that use the Trending Topics. (In Twitter you can mark a post with a topic by putting a # in front of it, e.g. #hacking would be a topic about hacking. The topics that appear in the most tweets are called trending topics and appear on your Twitter sidebar.) This allows the post to be aggregated in the search results, making it more likely that users will click on the topic and hence the included link, which takes them to the infected website.
Method 2: Hijacking Legitimate Accounts
This second method involves hackers taking over people’s accounts. The main way to do this is by phishing, where they get a user to unknowingly give them the username and password to their Facebook or Twitter account. The hacker then has control over the account and can post as if they were the account owner, sending out links to infected sites. The account owner’s Twitter followers or Facebook friends would see the link and think it was safe as they trusted their friend – not realizing the account has been compromised.
Email Links
Still around today is the problem of infected email links. Most users are wise to these emails and spam mails; however, hackers fake emails from Facebook and Twitter and send them to users, asking them to update their account or open attachments. Again, these are designed to phish for account information to take over the account (as in method 2 above) or to infect you with a link. Although many people are now aware of these types of emails, we still see so many of these techniques in the wild that it is clear they must still be working.
So How To Stay Safe – Some Best Practices
As we said before there are no fool-proof ways to stay safe, but by following these best practices you will reduce your chances of an infection:
- Don’t assume a link is “safe” just because a friend sent it: As pointed out in method 2 above, your friend’s account may have been infected or taken over by a hacker. You should never assume a link from anyone is safe just because they tweeted it or posted it to your wall. Try to use some common sense. If it sounds like something they wouldn’t normally send you or say in the message, then be wary and don’t click. If you are unsure, then try to contact them through other means (email, phone call) and ask them if it is legit.
- Don’t assume Twitter links are safe just because Twitter is screening for malware: In August, Twitter teamed up with Google to use Google’s Safe Browsing API, a technology that checks links against Google’s Blacklist. This prevents spammers posting malicious links but does not stop them using link shorteners (such as tinyurl.com) which direct users to the same malicious websites. It is better than no protection at all but be very wary of shortened urls.
- Don’t assume Bit.ly links are safe either: Bit.ly is Twitter’s default URL shortening service and earlier this year they began warning users of malware. They also use Google’s Safe Browsing API along with two other blacklists to identify malicious URLs. The service does NOT prevent users from posting the malicious links; however, it does warn you when you click one of the shortened links that the site being linked to is infected. This is not 100% effective, and Kaspersky have identified a number of malicious links that Bit.ly did not block. Even so, you can assume that Bit.ly is safer than other URL shortening services because it is using this technology and it appears that hackers are avoiding this service because of the built-in protection.
- Use an Up-To-Date Web Browser: We recommend using the latest version of your preferred web browser and keeping it updated. For Internet Explorer that means Version 8, and as this is the most popular target for attacks (just because it is the most used browser) you must keep it up to date from Microsoft Update. Firefox is currently the second most attacked browser and it has a self-updating feature – make sure you keep it on. Google Chrome is our preferred browser and it also has a self-updating feature as well as “sandboxing” (restricted access to your PC) of plugins. This means if an attacker were to exploit the browser and run some malicious code, it would be isolated to this sandbox and could not infect the entire machine. Opera and Safari are also good browsers and should be kept updated.
- Keep Windows Up to Date also: As always, we recommend keeping Windows up to date with the latest patches from Microsoft. Automatic updates should be turned on (unless you are using a service such as our support service where we maintain the patch, browser and virus updates for you).
- “I use a Mac so I am safe!” – WRONG! While it is true that Mac users are less targeted than Windows users, they are not immune to malware, despite what the TV ads say. Although Apple have added some malware protection in their latest software, it only protects against TWO Trojans! According to Kaspersky there are currently a couple of hundred Trojans designed to target the Mac specifically. In fact they believe there may be as many as a thousand, but they are unable to identify them all as most Mac users do not have anti-virus software, which is where most of the data is collected from. Hackers are getting so industrious now that when a user goes to an infected website the hacker can tell whether they are using Windows or a Mac and change the Trojan accordingly. The only way to tell if your Mac is not infected is by running anti-malware, but most Mac users won’t do this because they believe the commercials saying they are not at risk.
- Keep Adobe Reader and Flash Up To Date: Currently Adobe Reader and Flash are the two programs most targeted by hackers. A major exploit was recently uncovered and Adobe had to rush out an update to fix some very serious flaws. Another method of attack is to send you to an infected website and then prompt you to update your Flash or Reader. Never do this as you will be downloading malware. Always update from the Adobe website or using the built-in update mechanisms in these programs.
- Be wary of emails saying they are from social sites: It is very easy for a hacker to spoof an email from Facebook or Twitter. As with all emails, you should never open any attachments or click on any links, especially those which tell you to update your account or to log in to carry out some action. If you do click a link and it takes you to a site (especially one that looks like the real site) and it asks you to update or log in – DON’T DO IT! You will be handing over your password to hackers who would then start posting links to entice your friends to the infected site also. You should always access sites by typing the link in the address bar in the browser or by adding sites to your favorites and clicking those links.
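The gap described in the Twitter and Bit.ly items above, where a shortened link passes a blacklist check that its final destination would fail, can be closed by expanding the link and checking every hop. This is an added example, not part of the original article; the `.example` URLs, the redirect table and the blocklist are constructed, and all function names are hypothetical.

```python
from urllib.parse import urlsplit

# Constructed sample data. REDIRECTS stands in for HTTP 301/302 responses;
# a real resolver (an assumption, not shown) would request each URL without
# following redirects and read the Location header.
REDIRECTS = {
    "http://short.example/a1": "http://tracker.example/r?id=7",
    "http://tracker.example/r?id=7": "http://malware.example/flash-update.exe",
    "http://short.example/b2": "http://news.example/story",
    "http://short.example/loop": "http://short.example/loop",
}
BLOCKLIST = {"malware.example"}  # stands in for a Safe Browsing-style lookup
MAX_HOPS = 5


def is_blocked(url, blocklist=BLOCKLIST):
    """True if the URL's host, or any parent domain of it, is blocklisted."""
    labels = (urlsplit(url).hostname or "").lower().split(".")
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))


def expand(url, resolve=REDIRECTS.get, max_hops=MAX_HOPS):
    """Follow redirects and return every URL visited, posted link first."""
    chain = [url]
    while (nxt := resolve(chain[-1])) is not None:
        if nxt in chain:
            raise ValueError("redirect loop")
        chain.append(nxt)
        if len(chain) - 1 > max_hops:
            raise ValueError("too many redirects")
    return chain


def check_link(url):
    """Return (verdict, chain). Checking only the posted URL is the weak
    screening the article warns about; here every hop is checked."""
    try:
        chain = expand(url)
    except ValueError:
        # A link that cannot be fully expanded is not treated as safe.
        return "suspicious", [url]
    verdict = "block" if any(is_blocked(u) for u in chain) else "allow"
    return verdict, chain


if __name__ == "__main__":
    for link in ("http://short.example/a1", "http://short.example/b2",
                 "http://short.example/loop"):
        print(link, "posted link blocked:", is_blocked(link), check_link(link))
```
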
Hackers are always trying to keep one step ahead
As we have shown you, there are many ways to protect yourself, but hackers are always trying to find new ways to trick you. Keep alert and follow ALL of the best practices we have outlined, not just one or two. Don’t assume anything is safe, and if in doubt then don’t click the link or open the attachment. The same practices work for normal web sites (especially banks), but it gets harder when social networking sites are involved as you trust your friends and these links appear to come from them.
Stay Safe!





Thank you for that sensible critique. Me & my neighbour were preparing to do some research about that. We got a beneficial book on that matter from our local library and most books were not as influential as your facts. I am incredibly glad to see such details which I was looking for a long time. This made us extremely glad!