All the latest UK technology news, reviews and analysis
|
|
|
02 Feb 2010
Nearly three-quarters of companies have been sent spam or malware via social networking sites, potentially putting corporate systems and sensitive information at risk, according to new research from security vendor Sophos.
The Sophos Security Threat Report 2010 (PDF) quizzed over 500 organisations, and found that the amount of spam and malware being sent through these burgeoning channels has shot up over the past year.
Nearly 60 per cent of respondents have been spammed via social networking sites, a rise of 71 per cent from last year, while 36 per cent have been sent malware via social networking sites, up 70 per cent from last year.
Sophos senior technology consultant Graham Cluley argued that, although the figures are a lot lower than email-borne spam and malware, the growth in the past 12 months is nonetheless worrying.
"People are scanning their emails and looking for spam and Trojans, but social networks are another route into the organisation," he said. "Users are more susceptible to clicking on links when they believe they've been sent by a friend on their network."
Cluley acknowledged that social networks are getting better at monitoring and preventing these threats, but believes that more proactive scanning technology needs to be implemented.
LinkedIn was singled out for particular criticism in the Sophos report, despite being rated 'most feared social network' by just four per cent of respondents.
LinkedIn is not a serious vector for the spread of spam and malware, unlike Facebook for example, but is being used by hackers to mine useful corporate information which could be used to launch targeted attacks, according to Sophos.
"You can effectively get the corporate directory of an organisation, and even who its newest recruits are," said Cluley. "I could forge an email claiming to come from HR and send it to those new recruits. There's a real danger there."
Cluley added that, given the risk of personal and corporate information being abused in this way, individuals should reappraise whether they are getting any real value from being on these sites.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Software Developer / Web Developer (C# ASP.Net) – Leeds...
Required for my Market Leading Client. The position requires...
PHP Web Developer - Nottingham - £20K My client is...
IT Trainer / E-Learning Designer - London - This leading...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Hard Selling or Spam
Spamming is done by those who still choose to be ignorant about how the web works. If we recalled, hard selling has never been a successful sales technique. Those successful sales professional has always relied on building rapport. So wake up spammers!!
Posted by: Robin Ong 02 Feb 2010