Social networks are like gold-dust for cyber criminals. For a number of years now, criminals have been using the trust that underpins online communities to target victims. However, what happens when hackers involved in corporate espionage begin to latch on to the possibilities of social media?
Anyone who has used a social networking site has come in contact with spam messages being spread through news feeds and wall postings.
Perhaps it happened to a friend or family member, or maybe it was even your account that was unwittingly hijacked. But none of us have been immune from the spread of junk mail, scam messages and misleading posts.
Those messages may seem like a minor inconvenience, annoying and at times even amusing. But for cyber criminals those messages are big business, and there is little that social networks and online security providers can do to stop them profiting from their malicious activities.
Take, for example, the "crazy video" scam. An attacker creates a phony Facebook message claiming to show a controversial or risque video clip. Users clicking the message are asked to "like" a page and then are redirected to a phony Facebook login page which steals screen names and passwords.
For most users, the scam will be discovered right away. The posting will be recognised as a spam message and ignored. Others may visit the site, but then steer away when they recognise it as a phishing page.
A select few, however, will go through with the entire operation, handing their Facebook details over and giving the attacker a valuable tool for further spreading the scam or even repurposing the stolen accounts for other operations such as spamming out links to pay-per-click advertisers.
Even if an attack is 99 per cent ineffective, sending spam out to 200,000 or so people is relatively easy and can add up to a massive collection of "hacked" accounts.
And that is where such operations become truly dangerous, because they exploit the trust that social networks are built on. Trust is what allows social network communities to form in the first place and ensures the transparency and continuous flow of information that keeps them alive.
The level of trust and connection is what makes social networks so popular, and also what makes them so dangerous.
For several years now, the "stranded" spam message has been a popular fraud operation. The attacker either collects or purchases stolen account credentials and then uses the account to send messages to contacts claiming that the user is "stranded" in a foreign country and needs a wire transfer in order to purchase a ticket home.
The technique is usually ineffective against savvy users, but with an increasing number of users signing up to social networking services for the first time, a fertile new crop of potential victims has arisen.
BT wants to make the public switched telephone network history within eight years
Personal data being purloined by third parties via Facebook Login API
MacOS and iOS are better off apart, says CEO Tim Cook
Or they'll no longer be entitled to updates and bug patches