Your Privacy When Using Social Networking Sites

Phishing, spamming and tracking are all live and kicking on social network sites. To avoid becoming a victim of online fraud, read our tips.

Avoiding Online Spam Attacks

Spammers aren’t known for their discreet approach. And now, through a mixture of phishing and spamming techniques, they’re targeting user profiles on social networks like Facebook and MySpace.

Even more deviously, this requires the work of two separate people. First, online fraudsters gain your user details (name and password) by contacting you under a false pretence. Once they’ve gathered a list of the passwords of hundreds of people, they sell them on to unscrupulous spam marketers.

These people – spammers – are able to automate the process of posting messages on users’ 'walls' (Facebook). They use the space to advertise dubious online shops or services, post email addresses or other fraudulent links (such as a website designed to resemble the check-in page of your bank).

Avoiding Spyware & Other Downloads

In 2008, online security specialist Fortinet discovered a malicious ‘widget’ being circulated on Facebook. Although it’s now defunct, this malicious widget was probably the first of many for this year. How does it work?

The widget, called ‘Secret Crush’, appears as an invite on the user’s friends page. Once the user clicks through, the widget requests their information (as part of the standard software download process) with the tantalising statement that “One of your friends has a secret crush on you!”. The user is prompted to continue the registration process and then asked to provide five friends’ names and details before they are permitted to see “who has a crush on you”. At the end, the user is simply redirected to a ‘Crush Calculator’ where they can work out how much any given friend likes them.

Nothing so harmful about that, right? Wrong. The user has unwittingly given their details to someone more unscrupulous than they suspected. The final page is a link on the affiliate page of ‘Zango’. Visit this page, and you won’t leave alone – Zango is the infamous spyware/adware designer with tabs on thousands of users worldwide.

Avoiding Phishers

Phishing is another problem on social networking websites like Facebook and MySpace. Specially-designed ‘spambots’ visit the network sites, creating artificial profiles with interesting-looking links and pictures.

When users click on icons for the fake profiles, they’re immediately swept off to a suspicious ecommerce site, pornographic pages, or ‘phishing’ screens which are designed to get the user’s personal details.

Visitors to these pages could also unwittingly leave with a discreet piece of spyware tacked on to their system. MySpace warns its users against filling out forms on a redirected page, but if this warning is ignored then visitors will pay the price<.p>

Using MySpace To Track The Trackers

It’s not all sweetness and sound over at MySpace, either. User profiles are able to have hidden HTML code signing up visitors to the profile’s video streams. Great if your friends want to check it out; even better if you’re a hacker.

Hackers and spammers have gleefully set up their own profiles which, when visited, capture the IP address of unsuspecting viewers. That’s if they’ve not already redirected you to an adult website or online pharmaceutical site. You can then be traced – physically and online.

Actually this feature does have its advantages, as those determined to catch the hackers have discovered. You can capture the information of anyone who visits your profile with the intention of posting spam or dubious links. But only if you’re very determined.

Online Safety Tips

• Don’t respond to emails or contact via network sites that requests your user information or passwords.
• 2. Don’t install widgets on facebook.
• 3. Limit your social interaction to people you know and trust.
• 4. Don’t fill out forms that have are linked out and hosted on a different site.
• 5. To avoid having your IP location traced by MySpace users, add “vids.myspace.com” to your Hosts file.