Beware: Your Facebook profile could send you broke

Ian Grayson
Wednesday, 09 April 2008 05:01

Your IT - Home IT

Because users trust the sites, they tend to be happy to allow them to install small add-on applications or open a file downloaded from that site. Such files can then launch attacks at other members of the victim’s personal social network.

Scroggie warns personal information taken from social networking sites is also being used by attackers to mount targeted phishing attacks.

Rather than blindly sending out attacks to vast numbers of email addresses, the attackers use the personal details to craft more compelling offerings to particular people.

For example, if they know which bank a person uses and their home address they can generate an email which is much more likely to be seen as genuine and acted upon.

Symantec’s Probe Network, used to monitor online activities around the world, detected a total of 207,547 unique phishing messages in the second half of 2007 - a 5 per cent increase over the previous six months.

Of all the brands used in the attacks, 80 per cent were in the financial sector, compared to 79 per cent in the previous six-month period.