« *cough* Have to work from home *sneeze*? | Main | Immunet Acquired by Sourcefire »

Phishing on social networks is no real surprise

For some reason users of social networks appear surprised by the rate at which phishing attacks are appearing on social networks like Facebook. There is the belief among computer users that they can run from one platform, like e-mail, to the next platform, like social networking, to escape preexisting security problems. Much like social problems in the real world, movement to a new electronic location will provide only a temporary respite from endemic social ills. Rather than allowing their population to depart due to a perception of a lack of security, social networks need to make a two pronged attack at reducing their users vulnerability to phishing attacks.

The first prong consists of attempting to improve issues at what is known as the "layer 8", or the human interaction layer. This consists of giving users clues as to what is good content and what is questionable content. For example, social networks can warn users when they are leaving the safety of the network's walled garden and are clicking on a link that has not been explicitly vetted. They can also alert users when there is an increased risk of phishing or malware attacks based upon recent activity, and make this indicator a predominant UI element that appears when links are activated.

The second prong involves the continual improvement of technology for the prevention of in-network phishing attacks. All of the major players have a security team that is already in place to address issues as they come up. Truth be told, these guys are actually doing a pretty decent job as it is right now. These teams are far more empowered to fix problems in their network than you will ever see in almost every other part of the computing world. They have complete control of the internal architecture, and are not bound by standards bodies on how they handle messaging or communication between those systems. Social networks have been able to combat abuse mostly by taking full advantage of all the information they have at their disposal regarding their users, including the IP address they are connecting from and a full record of their behavior inside the network. Nevertheless, phishing is a hard problem, and several of the social networks are going down the path of employing third-party solutions to address the issue.

Without a combination of user education and appropriate technology, participants will end up moving to location to location in search of a completely abuse free environment. Much like many of the problems that society faces, however, the residents of a social network are enabling the attackers to take advantage of them, and as a result make it far more difficult to eliminate the problem. If individuals didn't fall for phishing attacks, then the phishers would leave the platform altogether. Sadly, once phishers' appetites have been whet by a few successes, they are unlikely to depart anytime soon.

About

This page contains a single entry from the blog posted on May 5, 2009 10:40 PM.

The previous post in this blog was *cough* Have to work from home *sneeze*?.

The next post in this blog is Immunet Acquired by Sourcefire.

Many more can be found on the main index page or by looking through the archives.

Powered by
Movable Type 3.33