Social Networking Security

Adonis Sardias
Onsite Systems Engineer Social Media and Community Professional Dell | Public Advanced Solutions Group

Follow me via

linkedin.com/in/sardinasa

@AdonisAtDell

Special Thanks

Ross Hughes

Cyber Security Manager Federal Student Aid

Google Dell Team

Cynthia Zeller

FAU Team

Overview

what is social networking the risks how to protect yourself safeguard your facebook privacy closing remarks

what is social networking

Applications can be accessed from anywhere Designated problems can be solved by Simple applications. value lies in the actual content, not the software used to display it. easy to share data. It is bottom-up, not top-down Distribution. Tools are accessible and can be used by employees and customers on their own. The Social tools were designed for the purpose of creating, collaborating, editing, categorizing, exchanging, and promoting information. Its all about networking

key characteristics of Web 2.0

the more people who contribute, the better the content gets.

http://www.rossdawsonblog.com/Web2_Framework.pdf

I.

noun a network of friends, colleagues, and other personal contacts: Strong social networks can encourage healthy behaviors.
I. II.

Define: social network

Computers. an online community of people with a common interest who use technologies to communicate with each other and share information, resources, etc.

whos who in the zoo

who is using social media networks in America as at June 2011

the risks

Scary Social Networking Stats

70% of teens are sharing too much personal information on their profile 46% are sharing IM or other contact info 54% have people they don't know on their "friends" list 65% say they don't really understand privacy settings 40% put their cell phone numbers on their profiles or away message linked to their profiles 5% say they know how to shut down a profile 5% say they would bother to report any bad behavior, and only 2% know how
http://lmk.girlscouts.org/Online-Safety-Topics/Social-Networking/Is-It-Safe-/The-Stats-on-Social-Networking.aspx

Risks of Social Networking

Risks to you from others: You could be cyberbullied, targeted by a sexual predator, your friends may share too much info about you, or someone could steal your ID Risks to others from you: Whether it's intentional or not, you could be cyberbullying someone or you could share too much info on one of your friends. Risks to your computer: Someone can stick a virus or spyware into a download, or use tricks to get into your computer or your accounts by "phishing." Or guess your password and hack into your computer. Risks you pose to yourself: Are you really willing to have your parents, teachers, the police or a predator know everything you post online?

Even worse, you might post that picture of yourself online, or that story that was funny ... at the time. But when the college admissions office or that potential summer employer sees it ... well, this may be the biggest risk of all.

http://lmk.girlscouts.org/Online-Safety-Topics/Social-Networking/Is-It-Safe-/The-Risks-of-Social-Networking.aspx

Phishing
define: way of attempting to acquire information by masquerading as a trustworthy entity

More info: http://nakedsecurity.sophos.com/2011/06/03/facebookphishing-spot-the-difference/

Worms
define: self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes

"Likejacking /clickjacking

Tagjacking

Comment Jacking

Trojans
define: software that appears to perform a desirable function for the user prior to run or install

"click here" and you get:

Zeus

a potent and popular banking Trojan that has been given new life by social networks. There have been several recent high-profile thefts blamed on Zeus, notably the Duanesburg Central School district in New York State late in 2009.

URL Zone

is a similar banking Trojan, but even smarter, it can calculate the value of the victim's accounts to help decide the priority for the thieft

http://www.networkworld.com/news/2010/071210-social-network-threats.html

Identity Theft
define: The fraudulent acquisition and use of a person's private identifying information, usually for financial gain.

Researchers at Carnegie Mellon University showed how SS# can be guessed using information found in sites like Facebook, MySpace, and other popular Web portals. "the first five digits are easy to predict."

(http://www.socialsecurity.gov/employer/stateweb.htm) Birth data is key

Alessandro Acquisti Lead Researchers at Carnegie Mellon University

how to protect yourself

Digital Reputation

Be Discreet

Never type anything into any type of online electronic form that would expose you.

personal and business names addresses phone numbers job titles birth dates

Full Birth Date in Your Profile Mentioning That You'll Be Away From Home

schedule details

daily routines business or family information

Posting Your Child's Name in a Caption

Check Privacy Policies

Take the time to read and understand privacy guidelines

include the types of information that will be revealed or sold to other parties (including spammers).

Dont Overlooking Useful Privacy Controls

http://www.allfacebook.com/facebook-privacy-2009-02

Be Skeptical

Bitdefender
http://safego.bitdefender.com/

Safeguard Your Facebook Privacy

General security tips for Facebook

Adjust Facebook privacy settings to help protect your identity Read the Facebook Guide to Privacy When in doubt, use the "Preview my profile" button on any privacy settings page to check how your information appears to others. Think carefully about who you allow to become your friend Show "limited friends" a cut-down version of your profile Disable options, then open them one by one

Twitter insider

Remove Unwanted Application Access

9 Critical Ways To Protect Your Privacy On The New Facebook

Article by: Ellis Hamburger | Sep. 21, 2011

reporter for SAI:Tools at Business Insider.

Website: http://www.ellishamburger.com/

http://www.businessinsider.com/facebook-privacy-2011-9?op=1

1. Know that anything you post or comment on a friend's wall is public. Your posts will show up in others' News Tickers

2. Remember to check sharing settings before you post an update.

3. Be very careful adding people to your Smart Lists associated with work or study. They'll get notified.

4a. Go to your profile and click "View As..." Then click "public" to see how your profile looks to the world.

4b. Here's what anyone who comes to your profile sees (who you aren't Facebook friends with). Any "Public" updates you post show up here.

5. Subscribing stalking someone you're not friends with. "Subscribing" to somebody's public updates is a public act, just like following on Twitter.

6. Click the drop down arrow in the top right of your screen, then "Privacy Settings," then "How Tags Work." Make sure you're ok with each setting.

7. Want to only make parts of your profile public and parts private? Click "Edit Profile" on your profile and change these settings.

8. So who can see that picture, anyway? Find out by clicking the gear next to a picture.

Protect Against Tag-jacking

http://www.youtube.com/watch?v=5RIgZjQ2QcA

Closing remarks

Keep you computer clean & updated

Operating System Updates Antivirus Updates Application updates

IE, Firefox, Safari

Clean your PC

Spybot: http://www.safer-networking.org/ Malwarebytes: http://www.malwarebytes.org/

Q&A

Thank you
Adonis Sardias
Onsite Systems Engineer Social Media and Community Professional Dell | Public Advanced Solutions Group

Follow me via

linkedin.com/in/sardinasa

@AdonisAtDell

references

Images Used
http://www.chaaban.info/wp-content/uploads/2009/11/dangers-of-social-networking.jpeg http://www.bloggingjunction.com/wp-content/uploads/2010/07/social-networking1.jpg http://www.perey.com/images/social_networking.jpg http://www.pureblogging.com/wp-content/uploads/2008/02/social-networking-with-fellow-bloggers.jpg http://www.yourministryhelper.com/wp-content/uploads/2009/09/image.png http://3.bp.blogspot.com/__hhGrSssXbc/R09u2qUfi6I/AAAAAAAAADI/7TaSB19SDL4/s1600R/social+network.jpg Social Puzzle: http://www.daddydesign.com/wordpress/72-free-puzzle-social-network-icons/ http://speakinspanishnyc.com/blog/wp-content/uploads/2011/09/socialnetworking4.jpg Date of Birth: http://www.avg.com.au/images/avg_blogs/avg_smb_at_work_too_much_social_network_1.jpg http://www.treehugger.com/no-fishing-sign.jpg http://www.pr-media-blog.co.uk/wp-content/uploads/2011/06/PERSEC-Screenshot12.jpg http://media.marketwire.com/attachments/201006/613448_McgruffTheCrimeDog.jpg http://media.photobucket.com/image/stay%20thirsty%20my%20friends/moviediva/dos-equis-mostinteresting-man-in-t.jpg http://www.broadname.com/images/social-network.jpg http://www.maximumpc.com/files/u69/SS_Theft.png http://www.kuzzuk.net/wp-content/uploads/2009/04/ning-social-network-security-threat.png http://www.flickr.com/photos/birgerking/4731898939/sizes/o/in/photostream/ http://networkmarketermlm.com/web-2-0-technology-the-social-network-marketing-sites/ http://www.pikeresearch.com/wordpress/wp-content/uploads/2010/08/Smart-Meter-Security.jpg

References

7 Things to Stop Doing Now on Facebook. (2010, May 12). Retrieved Oct 19, 2011, from Consumer Reports: http://finance.yahoo.com/family-home/article/109538/7-things-to-stop-doing-now-on-facebook Top 10 social networking threats . (2010, July 12). Retrieved Oct 17, 2011, from Network World: http://www.networkworld.com/news/2010/071210-social-network-threats.html Social Security Number Allocations. (2011, June 25). Retrieved from Social Security Online: http://www.socialsecurity.gov/employer/stateweb.htm Who is using social media? (2011, Aug 15). Retrieved Oct 17, 2011, from Diverse Consultancy : http://www.diverseconsultancy.com/2011/08/who-is-using-social-media.html Buck, S. (2011, Sep 23). How the World Uses Social Networks [INFOGRAPHIC]. Retrieved from Mashable Social Media: http://mashable.com/2011/09/23/world-social-networks-infographic/ Facebook Statistics. (n.d.). Retrieved October 17, 2011, from Facebook: http://www.facebook.com/press/info.php?statistics Focus Editors . (2011, Oct 17). The Security Risks of Social Networks. Retrieved from http://www.focus.com/fyi/security-riskssocial-networks/: http://www.focus.com/fyi/security-risks-social-networks/ Hackett, J. (2011, Oct 06). comScore Introduces Ad Metrix Social for Visibility into the Social Side of Display Advertising. Retrieved Oct 17, 2011, from comScore: http://blog.comscore.com/2011/10/introducing_ad_metrix_social.html Hamburger, E. (2011, Sept 21). 9 Critical Ways To Protect Your Privacy On The New Facebook. Retrieved Oct 17, 2011, from http://www.businessinsider.com/facebook-privacy-2011-9 Messieh, N. (2011, Jan 03). 5 Tips & Tricks To Avoid Facebook Phishing Scams. Retrieved oct 17, 2011, from make useof: http://www.makeuseof.com/tag/5-tips-tricks-avoid-facebook-phishing-scams/ Nelms, D. (2011, June 16). Social Networking Growth Stats and Patterns. Retrieved Oct 17, 2011, from Social Media Today: http://socialmediatoday.com/amzini/306252/social-networking-growth-stats-and-patterns Olmos, D. (2009, July 06). Social Security Numbers Can Be Guessed From Data, Study Finds . Retrieved from Bloomberg: http://www.bloomberg.com/apps/news?pid=newsarchive&sid=aKbjO.Ew4S2E Privacy & Reputation Online . (n.d.). Retrieved from Youtube: http://www.youtube.com/watch?v=X0Oumfi7Rhg Rubenking, N. J. (2010, sept 28). Facebook Clickjacking Attacks: Recognize and Avoid Them. Retrieved Oct 17, 2011, from PC Mag: http://www.pcmag.com/article2/0,2817,2369864,00.asp#fbid=D5LNrz_LltO social network. (n.d.). Retrieved from dictionary.com: http://dictionary.reference.com/browse/social+network The Risks of Social Networking. (n.d.). Retrieved Oct 17, 2011, from Girl Scouts: http://lmk.girlscouts.org/Online-SafetyTopics/Social-Networking/Is-It-Safe-/The-Risks-of-Social-Networking.aspx