Botnets and Social Networking

Next time you are on Twitter, Facebook, MySpace or any other social networking site, beware of the botnets! Cybercriminals are using the information posted on these websites to create links and e-mails that appease to the victim's interests. Apparently, these criminals are using users' statuses, posts and other personal information to lure the victims into these malicious attacks.

For example, in fall 2009 hackers sent a Facebook message to a few co-workers including a link to photos of a picnic that some of the employees had attended (http://www.usatoday.com/money/industries/technology/2010-03-04-1Anetsecurity04_CV_N.htm). One of the employees mentioned the picnic on his profile page, which was where the hackers found their bait. Another employee received an e-mail who they thought was from their co-worker with a link to the photos from the picnic, but the message was from the criminals. They were exposed to everything but photos-infection of their computer system, where the hackers were able to take control of her Facebook account and company laptop.

With this control, they were able to search the company's network for two weeks. Now I understand why my job does prefer us to access Facebook on their computers. Social networking is providing bait for the hackers of a new generation. This is why individuals should not post sensitive, personal, revealing information about themselves-you never know who and how someone may be able to use this data. So for now on, be careful what you post and be mindful of how someone could use that information to victimize you!