Friday, October 30, 2009

How Hackers Find Your Weak Spots

A recent article on ComputerWorld.com took a closer look at how hackers are using information gathered from social networking sites to hack into users' personal accounts. This is done in several ways. Hackers “friend” users on sites such as Facebook, Twitter or MySpace and then use personal information gathered from their profiles to guess either their passwords or the answers to their password security questions. Another common hacking technique is to “friend” a user and then become familiar enough with them to post links on their profile. When users click on the links, malicious software is automatically downloaded onto their computers and information can then be stolen. Most people don’t think twice when accepting friend requests, especially if the requester seems to be their age or possibly even goes to their school. What users of such sites don’t realize is just how easy it is to create a false account and then exploit the information gathered from these profiles. All users should be really selective about what information they put out there, and they should know exactly who they allow to see said information.

http://www.computerworld.com/s/article/343900/How_Hackers_Find_Your_Weak_Spots?taxonomyId=82

2 comments:

  1. There is another strategy I have seen and if anyone has figured this out let me know. Apparently once Facebook profiles are hacked (I am trying to figure out if this requires a username and password or is entered through some back door), the user will send out millions of wall messages to all of their friends.

    Usually these wall posts end up saying "I tagged a few new photos of you," or "you'll never believe this YouTube video I saw" and all usually have a link. I don’t usually fall for phishing, but I clicked on this link and found myself in some bizarre website and my antivirus posted a bunch of alerts.

    The lesson is that there are no limits to social engineering. I would just advise everyone to look out for these, and be a real Facebook friend by notifying (even calling) the person whose profile is sending out these malicious messages so they can shut down their profile or change their passwords.

  2. I have received many messages such as the one you are referring to and I have not clicked on them because it has been really bizarre. But, I have heard similar horror stories of people's computers being completely wiped out because of situations like that. With that in mind, I have a Facebook profile, and although it is extremely boring I put no personal information in my profile and have no pictures for people to see. This removes any personal information about myself and it prevents such situations from happening. Also, it removes the possibility of people gaining information about my identity and using it for identity fraud.
