RSS Alerts

Related Links

  • Sophos
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

  • Facebook and McAfee team up on security
    Facebook has signed McAfee as a supplier to help protect its user base. The two companies have worked on a custom scanning and repair tool, along with education materials that will target the social networking giant's 350 million users.
  • Social Networking - A Risk to Information Security?
    As the popularity of social networking sites continues to mount, it becomes increasingly important to consider the information security risks posed in the context of a wider data loss prevention and reputation management strategy. Cath Everett reports
  • Advice for safer access to Facebook, Twitter, and other social networking sites
    As many readers of Infosecurity may have noticed, Web 2.0-driven social networking sites like Facebook and Twitter have become attractive targets for phishing and scamming attacks as online criminals follow the latest internet trends that are attracting the most users.
  • Information Security: Read All About It
    Ill news travels quick and far, or so the saying goes. But how well is security-related news covered in the press, and what are people writing about? Danny Bradbury investigates
    Members' Content
  • Security firms warn of bogus job search emails
    Security vendors – including Websense and Sophos – have sent up a red flag about suspect emails targeting human resources staff. The messages apparently contain zip files that, when opened, infect users’ PCs with rouge anti-virus.

News

Report shows a 70% surge in malware and spam on web 2.0 services

02 February 2010

Research just published by Sophos claims to show a 70% increase in the number of companies reporting spam and malware attacks via social networks.

The study, which forms part of Sophos' Security Threat Report 2010, shows that 57% of social networking users have reported receiving spam, as compared to 33.4% a year ago. In the same period, the IT security vendor says that the number of those firms reporting social networking malware attacks rose from 21.2% to 36%.

Graham Cluley, Sophos' senior security consultant, says that the reason for the surge is that computer users are spending a lot more time on social networks, sharing sensitive and valuable personal information.
It's therefore no surprise, he said, that hackers have determined where the money is to be found.

In a blog posting, Cluley said that the cybercriminals don't just want to infect users' computers via social networks to steal their online banking details. Increasingly, he says, they're after data which may help them compromise your organization.

In its poll of more than 500 companies, Sophos reports that 72% of firms are worried that workers' behavior on social networks may be putting their business at risk. As a result, the company says, corporate infrastructure – and the sensitive data stored upon it – are in danger if they not properly secured.

"What's fascinating is that despite the rising fears of social networks, 49% of firms have given permission to all their staff to access Facebook at anytime during the day, a 13% rise on a year ago", said Cluley. "Indeed, Sophos' research indicates that productivity – rather than malware or data leakage – continues to be the number one reason for blocking access to Facebook, for those companies who do apply restrictions", he added.

According to Cluley, social networks are an essential tool for many companies today, giving them an opportunity to be closer to their customers and build a community around their brand. And for that reason, he says, it's becoming harder and harder to block the social networks from inside companies.

"And even if blocks are put in place are you confident that your staff won't attempt to waltz around them?", pondered Cluley.

"My feeling is that social networks are here to stay, and we have to accept them and secure them the best we can. That means deploying technology to scan every website and link clicked on by users, educating staff about the safe use of social networks, and calling upon the networks themselves to increase their protection against threats", Cluley noted in his blog.

And, he observed, if this isn't done then we'll all be facing the grim irony that "just as companies are loosening their attitude to staff activity on social networks, the threat of malware, spam, phishing and identity theft is becoming ever greater."

 

This article is featured in:
Compliance and Policy Data Loss

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water