Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

One Click Features On Social Networking Sites Being Exploited By Cyber Criminals

Lumension Security : 22 September, 2010  (Technical Article)
Hackers are exploiting the one click status feature on Facebook with clickjacking tools to direct social networking site users to fake sites
One Click Features On Social Networking Sites Being Exploited By Cyber Criminals
A new Facebookclickjacking attack is on the loose, affecting thousands of users and spreading like wildfire through their status updates, according to media reports. The "OMG This GUY Went A Little To Far WITH His Revenge On His EX Girlfriend", sends users to a fake CAPTCHA-style mechanism to see the content.

Alan Bentley, VP international at Lumension, commented: "Social networks are becoming piled high with familiar 'one click' features, presenting new opportunities for cybercriminals to dupe users into clicking onto fake links. It is the implicit trust that users have in social networking sites that enables scams like this go viral.

"With a vast number of employees engaging in social networking at work, it can take just one wrong click on a trusted link from an employee's desk to expose the entire network to a malicious attack. To prevent such attacks, businesses need to move from a threat-centric model that focuses on trying to prevent the bad, to a trust-centric model that only allows what is known to be good to run on the machine.

"By taking this approach, businesses can maintain a direct overview of potential security threats, without having to block staff web access."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo