Many would probably understand why more and more fraudsters are making their ways through social networks: they have access to an enormous pool of targets and those targets are completely ambiguous of their malicious intent. After all, social networks are for meeting new people and, well, networking. The one thing that still amazes me though is how easy fraudsters can acquire new targets. Virtually no effort has to be put into it; just view the target’s profile, write a message to them that would be appropriate and attractive to that profile, and watch the victims poor into your network. If you do use social networks of any kind and you receive any form of communication from someone you don’t know, make sure you check them out for any suspicious characteristics before you network with them.

Social networking sites are creating a means for hackers and conmen to worm their way into the confidence of users.

Sites such as LinkedIn can be used to create a veneer of trust that leaves internet users and business at a greater risk of attack, according to a study by Danish security firm CSIS. Dennis Rand, a security researcher at CSIS, created a fictitious entry on the LinkedIn network before inviting random and unknown users of LinkedIn to join his private network. By posing as an ex-employee of “targeted” firms he was able to prompt real workers from these firms into establishing connections.

Within a few weeks Rand created a network of 1340 trusted connections. In a research paper, Threats when using online social networks (PDF), Rand explains how information gleaned through this network might be used to harvest email addresses for spamming or worse. The “blind trust” built into social networks might be abused to send messages containing links to malicious code that are more likely to be accepted because they come from a “trusted” source, for example.[more]

Tags: Hackers, Scams, Identity Theft