This document discusses social networking security. It provides an overview of social networking and discusses privacy concerns when sharing profile, graph, and activity data. It outlines several security threats to social networks like profile cloning, identity theft, spam, phishing, and spreading malware. The document concludes with some general safety tips like using strong passwords, enabling encryption, being wary of malicious links and third-party apps, and avoiding sharing too much personal information publicly.

1. Social
Networking
Security
Welcome to
our presentation

2. “
”
Context
OVERVIEW.
PRIVACY.
SECURITY THREATS.
SAFETY TIPS.
GENERAL PROTECTION

3. Social
Networking
 Communities of people who share
interests and activities .
 Social networks connect people at
low cost.
 Most social network services such as
chat, messaging, email, video, voice
chat, file sharing, blogging,
discussion groups, and so on.

6. Social Networking Privacy
Shared Information
 Profile data
 Graph Data
 Activity Data  Third party application access
 Poor implementation
 Lack of awareness

7. Security
Threats
 Access to the user’s computer without his
or her consent .
 Personal information is stolen by means of
digital communication.
 Profile Cloning
Existing Profile Cloning
Cross site Profile CloningIdentity Theft Issues

8. Security
Threats
Spam Issues
Spear PhishingSocial
Engineering

9. Spam Issues  Spam attack on social networking sites.
 Email based spam attack on social
network users
 Broadcast spam
 Context-aware spam
 HTTP Session Hijacking

10. Spam Issues
HTTP Session
Hijacking

11. Spear
Phishing  It just by Email /link/attachment same as
Phishing, the only difference is , this attack is
specific to targeted domains and targets victims.
 Targeted Email
 From some you trust (Patient attacker).
 About something your interest, like, trust.

14. Security
Threats
Spreading malware across social
networks
 Social network API.
 Fake accounts/ profiles.
 Driven by download attack.
 Shortened and hidden links.
 Cross-Site scripting attack.

15. Safety Tips
 Login with strong password .
 Encryption (HTTPS Connection) .
 Email .
 Malicious Link /Scams .
 Apps (Third party application such
as game ) .

16. General Protection  Don’t reveal personal information.
 Don’t enable auto login.
 Turn on cookie notices in your Web browser and use cookie
management software.
 Keep a "clean" e-mail address.
 Don't reveal personal details to strangers or just-met
"friends".
 Avoid sending highly personal e-mail to mailing lists, and keep
sensitive files on your home computer.
 Do not reply to spammers, for any reason.
 Be conscious of Web security.
 Use encryption