All the latest UK technology news, reviews and analysis
|
|
|
22 Jul 2009
Security experts are calling on social networking providers to scan messages sent from their sites more securely, or risk further high-profile incidents in which user accounts are hacked and customers are hit with identity theft.
Graham Cluley, senior technology consultant at Sophos, argued ahead of the launch of the security firm's biannual Security Threat Report (PDF) that "the honeymoon is over" for social networking sites such as Facebook and Twitter.
"It is time for them to do some growing up. They have been very successful at getting users, but now it's time for them to do some important behind-the-scenes work," he said.
"We would like to see a more proactive approach to stopping malware, spam and identity theft. They should be scanning links and content to see whether they are malicious or not, just like Hotmail, Gmail or corporate account [providers] do."
In the meantime, Cluley urged users to run a special plug-in or add-on which converts shortened URLs to their original form, to see more clearly whether they are been led to a malicious site. Criminals have recently stepped up the use of shortened URLs to fool users into visiting compromised web sites.
"Companies should also be running web scanning tools. We find one new infected web page every 3.6 seconds, which is four times what it was in 2008," he said.
The Sophos report will also reveal a major rise in the amount of scareware used by criminals to extort money from vulnerable users by persuading them that their PC is infected or otherwise at risk, and urging them to buy bogus secu rity software.
Sophos reported that the number of new scareware sites, to which users are directed in order to download the software, has tripled from five a day last year, to 15 a day this year.
Latest stories from Software
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Software Developer / Web Developer (C# ASP.Net) – Leeds...
Required for my Market Leading Client. The position requires...
PHP Web Developer - Nottingham - £20K My client is...
IT Trainer / E-Learning Designer - London - This leading...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
New era of web security
Web security today should not be about stopping and blocking but about enabling employees to be successful in their roles. Organizations must deploy security solutions relevant to the way their people work and the information they are sharing. This combination means organizations can provide an appropriate and contemporary working environment while managing the appropriate dissemination of information whatever the circumstances; if an employee is online in a social network then content is being inspected to ensure that what is leaving the company is appropriate, and not letting proprietary or confidential information out of the door. This new era of web security signals a shift away from restricting a corporate environment to enabling people and companies to do better business. This not only takes into account the need to maintain the flow of content and communication - from web, email, and web mail - but also ensuring that Internet-based threats, next-generation malware, spam, viruses, spyware, unauthorized URLs are prevented while protecting sensitive content
Posted by: Stephen Millard, Clearswift 22 Jul 2009