Tuesday, 01 June 2010 06:40
Social networking is here to stay. Facebook, Twitter, LinkedIn, and others are commonly used on a daily basis. Their proliferation has benefits, but also has concerns centered around issue of privacy, safety, and ethics.
When discussing security and privacy in regard to social networking, the two have separate definitions but are usually linked in real-world situations. Security is generally defined by how well a site or company can thwart hackers and stymie malware attacks on their firewalls; privacy has more to do with how much information a social networking service collects and how it shares that data.
Privacy is a tricky issue, because users have the ability to control what information they place on a site and can generally use site-provided settings to control how much of their information can be seen and by whom. However, privacy settings can be confusing to some users, especially when a site changes its privacy policies too frequently.
Hackers are obvious threats to security, but perhaps nothing is as dangerous as a con artist in the digital age. The difference between a hacker and a con artist is that the former breaks in, whereas the latter simply persuades you to let him in by subterfuge.
Con artists have a number of well-known methods for bilking people out of passwords, personal information, and more. Social engineering tactics, where a cyber criminal tries to trick you into giving up sensitive information by posing as a legitimate entity or by gaining your trust, are some of the most common.
A related tactic is personality hijacking, which involves creating an online presence for someone else without their knowledge or consent. This is easy to do if you have basic information about the person. With hijacking, a cyber criminal can simply assume a false identity and damage someone's reputation by sending out embarrassing messages or posting unacceptable comments on a message board or blog post; more deviously, a hijacked personality can be used to coerce information from a friend or colleague of the person whose identity was stolen.
Protecting yourself from most social networking-enabled attacks and vulnerabilities is mostly a matter of education. Following are some basic tactics for avoiding scams and malware.
An easy tactic concerns username and password strength. Basically, you need to use different passwords for different accounts. If you use the same password for everything from online banking to your online wine of the month club, all a criminal has to do is figure out a single password to gain access to your entire online life. You should also check the privacy settings on any social network you join; chances are, the default settings won't provide an acceptable level of privacy.
Another important strategy that may not be immediately obvious include logging out of every session on a social networking site.
Finally, as a rule, remember that anything that you put online is effectively available for public viewing. Technically, if privacy settings are set correctly, a post on a social networking site may not be available for public consumption, but all it takes is one leak before the whole world sees that slightly off-color remark you intended for close friends.
by Seth Colaner
PC TODAY
