Skip Links

Web 2.0 Security: Things to Know about the Social Web

By Dan Hubbard, CIO
June 05, 2009 12:30 PM ET

CIO - Websense CTO Dan Hubbard outlines four ways companies can protect their information from threats and compromise on the social Web.

1) Most Web Posts on Blogs and Forums are Actually Unwanted Content (Spam and Malware) As more and more people interact with each other on sites allowing user-generated content, such as blogs, forums and chat rooms, spammers and cybercriminals have taken note and abuse this ability to spread spam, post links back to their wares and direct users to malicious sites. Websense research shows that 85 percent of all Web posts on blogs and forums are unwanted content - spam and malware - and five percent are actually malware, fraud and phishing attacks. An average active blog gets between 8,000 and 10,000 links posted per month; so users must be wary of clicking on links in these sites.

Additionally, just because a site is reputable, doesn't mean its safe. Blogs and message boards belonging to Sony Pictures, Digg, Google, YouTube and Washington State University have all hosted malicious comment spam recently, and My.BarackObama.com was infected with malicious comment spam. More on CIO.com Web 2.0 Definition and Solutions Can Social Networking Be Secure at Work? How to Use Social Networking Safely: Tips From Security Pros

2) The Top Search Results from Google are Safe, Right? Search engine poisoning is growing in popularity and used by cybercriminals to boost links to Web sites with malicious code or spam, up in the search rankings. Many users assume that the top results are "safe" but really they are directed to infected Web sites. For example in March, basketball fans who typed "March Madness" into their Google search bar and clicked on many of the top ranking links were actually led to Web sites infected with "rogue antivirus" software (see number 3).

3) You're Really NOT Infected; Be Careful Before You Download That In the past year Cybercriminals have increasingly used what's known as "rogue antivirus" to get information like credit card numbers and other private information from Web users. Typically, rogue antivirus authors use search engine poisoning to drive traffic to sites they own or have infected (as noted above). Often they post links on blogs and forums that link back to a malicious site under their control. When a user visits these Web sites, a window pops up warning them that their computer has been infected with malware. The user is prompted to pay money and download an "antivirus" software program to clean their system. In reality, the attackers have tricked the user into disclosing their credit card information to pay for the fake software as well as successfully installed malware on the user's machine. One example is the well-publicized Conficker worm that infected millions of computers around the world. Some users with the Conficker worm observed a file downloaded onto their machine. Upon running the file, the user was asked to pay $49.95 to remove the "detected threat."

The Anti-Phishing Working Group recently published some interesting statistics showing that the numbers of rogue antivirus programs rose 225 percent from July 2008 to December 2008, more than tripling the number of detected rogue programs from its July level.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News