0
Online Social Networks




            Photo provided by http://flickr.com/photos/luc/1804295568/ via GNUCITIZEN



5 thre...
What are Online Social
               Networks?
   Online community of Internet users
   Users share common interests
  ...
Who uses Online Social
            Networks?
   Most popular with
    “Generation-Y”
   “Teens and Tweens”
   “Generati...
Most Popular Social Networking
         Web Sites
Top 5
Threats to Online Social Networks
#1
Cyberbullying, stalking, and sexual predators




     Teens bashing other teens...
     Megan Meier suicide
     My...
#2 Vulnerabilities in Applications/Widgets

    Widgets, third-party applications
    XSS (Cross Site Scripting) Samy/Qu...
#3 Spear Phishing and SPAM
   Fake “friend requests”
   Emails that look like they are legitimate!




                 ...
#4 Collection and aggregation
           of personal data
   Most privacy policies are very vague
   Think about it...$3...
#5 Evil Twin Attacks




                       Chris Pirillo by Alan Berner - The Seattle Times

   Fake profiles
   Re...
Top 5
 Ways to Safely use
Online Social Networks
#1 Set appropriate privacy
               defaults
   All Social Networking sites have wide-open
    privacy defaults!
#2 Be careful with third-party
        applications/widgets
   Some of these applications will override
    privacy setti...
#3 Limit personal information
   Don’t post your full name, SSN, address...etc...
   Be cautious about posting informati...
#4 Only accept friend
requests/connections from people
        you know directly
   Most are SPAM
   Most are bots that ...
#5 Only post information your mother
       is comfortable seeing!
   Anyone can view these photos including
    employer...
Questions?
tom@spylogic.net
http://spylogic.net
Upcoming SlideShare
Loading in...5
×

Online Social Networks: 5 threats and 5 ways to use them safely

6,710

Published on

I spent the last few months doing research on various social networks specifically MySpace, Facebook, LinkedIn. Many of us either use these sites or know others that do. Users of these sites have been increasing at a dramatic rate for several years. For example, MySpace was the most visited website in the US with more than 114 million global visitors in 2007, and Facebook increased its global unique visitor numbers by 270% last year alone. With this massive increase in social network usage, online social networking is now becoming the fastest growing area of privacy concerns and security threats.

Published in: Technology
1 Comment
4 Likes
Statistics
Notes
  • nice ppt. tom ......good job
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total Views
6,710
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
213
Comments
1
Likes
4
Embeds 0
No embeds

No notes for slide

Transcript of "Online Social Networks: 5 threats and 5 ways to use them safely"

  1. 1. Online Social Networks Photo provided by http://flickr.com/photos/luc/1804295568/ via GNUCITIZEN 5 threats and 5 ways to use them safely
  2. 2. What are Online Social Networks?  Online community of Internet users  Users share common interests − Hobbies − Religion − Politics − Friends − Schools  Multiple ways for users to interact such as chat, messaging, email, video, voice chat, file sharing, blogging, discussion groups...
  3. 3. Who uses Online Social Networks?  Most popular with “Generation-Y”  “Teens and Tweens”  “Generation-X” and older is the latest trend
  4. 4. Most Popular Social Networking Web Sites
  5. 5. Top 5 Threats to Online Social Networks
  6. 6. #1 Cyberbullying, stalking, and sexual predators  Teens bashing other teens...  Megan Meier suicide  MySpace released a report in 2007 showing 29,000 registered sex offenders on MySpace
  7. 7. #2 Vulnerabilities in Applications/Widgets  Widgets, third-party applications  XSS (Cross Site Scripting) Samy/Quicktime  Malicious banner ads/background images (Alicia Keys’)  Be careful! Some applications will override privacy settings! From the blog post: “Invading the Space: Alicia Keys’ MySpace and… RBN?” http://blog.trendmicro.com/invading-the-space-alicia-keys-myspace-and-rbn/
  8. 8. #3 Spear Phishing and SPAM  Fake “friend requests”  Emails that look like they are legitimate! Screen shot courtesy of Paul Asadoorian, pauldotcom.com
  9. 9. #4 Collection and aggregation of personal data  Most privacy policies are very vague  Think about it...$35 per user when MySpace was sold to News Corp in 2005  Sites like Plaxo aggregate all of these social networks together The following is an example of a privacy statement: “[SNS Provider] also logs non-personally identifiable information including IP address, profile information, aggregate user data, and browser type, from users and visitors to the site. This data is used to manage the website, track usage and improve the website services. This non-personally-identifiable information may be shared with third-parties to provide more relevant services and advertisements to members.” - From the ENISA position paper “Security Issues and Recommendations for Online Social Networks
  10. 10. #5 Evil Twin Attacks Chris Pirillo by Alan Berner - The Seattle Times  Fake profiles  Reputation slander  Corporate espionage (LinkedIn)  Weak authentication of the user (are you who you say you are?)
  11. 11. Top 5 Ways to Safely use Online Social Networks
  12. 12. #1 Set appropriate privacy defaults  All Social Networking sites have wide-open privacy defaults!
  13. 13. #2 Be careful with third-party applications/widgets  Some of these applications will override privacy settings  Example: “Secret Crush” Facebook application − Installed adware “worm” Photos from Fortinet: http://www.fortiguardcenter.com/advisory/FGA-2007-16.html
  14. 14. #3 Limit personal information  Don’t post your full name, SSN, address...etc...  Be cautious about posting information that could be used to identify you or locate you offline  Careful with choosing an online alias and what it says about you “The more info you share, the more valuable you are”
  15. 15. #4 Only accept friend requests/connections from people you know directly  Most are SPAM  Most are bots that want to trick you!  LinkedIn − Be aware of corporate espionage!
  16. 16. #5 Only post information your mother is comfortable seeing!  Anyone can view these photos including employers, friends, and enemy's  Don't trust a private profile! “Use common sense!”
  17. 17. Questions? tom@spylogic.net http://spylogic.net
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×