Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Gamers Exposed To Heightened Risk From Social Networks

BitDefender UK : 01 April, 2010  (Technical Article)
The credibility of fake identities in the gaming community make gamers easy prey for ID theft and phishing according to a recent study by BitDefender
Social gaming aficionados are exposing themselves to real and present danger of falling victim to fraud and ID theft, according to a study presented by BitDefender at the recent MIT Spam Conference.

Today's entertainment applications available in social networks require users to gather a considerable amount of friends and supporters to play the same game in order to attain higher scores. To achieve this, players have developed channels, groups and fan pages, which facilitate the interaction between them.

Spammers and phishers are exploiting this opportunity by using fake profiles and bots that send spam messages. Unlike regular social networking spam, when the users are enticed to add the spammer in their circle of friends, the social gaming-related phony profiles are willingly added by the users as an immediate consequence of their interest in enlarging the supportive players' community. This makes it almost impossible for the bogus accounts to be automatically suspended, since the spammers' action does not constitute an abuse.

The study also demonstrates that the most successful fake accounts are those miming real profiles, which hold plenty of details and pictures of the user behind. In an acceptance experiment, BitDefender researchers created three honeypot profiles -one without any picture and holding few details, another with an image and some information, and a third with a large amount of data and photos. All three profiles were subscribed to general interest groups. One hour after starting to add people to each profile, the circle of friends enlarged with 23 connections for the first profile, 47 for the second profile and 53 for the third profile.

After joining social games groups, the volume of users willing to add unknown people increased drastically. Within 24 hours, 85 users accepted a request from the first profile which they did not know, 108 from the second and 111 from the third.

George Petre, BitDefender Threat Intelligence Team Leader and author of the case study, said "Users are more likely to accept spammers in their friends list when they are in a social network than in any other online communication environment."

The security implications are numerous, ranging from the consolidation and increase of the spamming power, data and ID theft, accounts hijacking to malware dissemination. A shortened URL posted without any explanation on each honeypot profile was followed by 24 percent of the friends from the three accounts, even if they did not know who posted it and where it was going.

"This fact brings spam and social engineering schemes closer and more effectively to the user than any e-mail spam or scam. Moreover, we have seen that in the social applications environment, users can be easily tricked into adding spammers to their profile. Thus, we recommend social gaming aficionados to use extreme caution before enlarging their circle of friends," Petre added.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo