“I don’t post anything important on Facebook/Twitter/Myspace/Linkedin,” is what people say when warned about the various social networking sites (SNS). Good, but that unimportant stuff can cause trouble as well. Here’s what you should know, and how to deal with it.
Playing games and accepting friend requests from strangers allows the other party to see your stuff, even if you go in afterword and change their access level, the SNS may allow complete access initially. Even if it doesn’t, and this is true with games, ads, polls or anything else, it will allow them to run code on your PC. The SNS is always trying to secure these things better, but they are always behind the curve. Using the “fun” features of the SNS puts your computer and privacy at risk.
But don’t just be worried about your computer and your privacy, hackers are keenly interested in what is contained in the profiles of employees. If they can obtain information from employees on SNS’s, they can use the info to build attack profiles and make laser accurate attacks on their work systems. Making it worse, once they have access to your SNS profile, they can message all your friends and make it appear you are recommending they use the application that will then compromise their account.
There is only one way to avoid being a target, and that is to not play the games, not answer the polls, and not click on the links. Which makes SNS boring and useless. If you still feel the need to use SNS sites, do your security a favor: only access these sites from a safe computer, and never access your bank account from the computer you use for SNS. Using a boot CD, like Slax, lets you keep a single PC for both safe and unsafe activities. It’s a hassle, but it’s better than finding all your bank accounts empty.