Websense CTO Dan Hubbard outlines four ways companies can protect their information from threats and compromise on the social Web.
1) Most Web Posts on Blogs and Forums are Actually Unwanted Content (Spam and Malware) As more and more people interact with each other on sites allowing user-generated content, such as blogs, forums and chat rooms, spammers and cybercriminals have taken note and abuse this ability to spread spam, post links back to their wares and direct users to malicious sites. Websense research shows that 85 percent of all Web posts on blogs and forums are unwanted content - spam and malware - and five percent are actually malware, fraud and phishing attacks. An average active blog gets between 8,000 and 10,000 links posted per month; so users must be wary of clicking on links in these sites.
Additionally, just because a site is reputable, doesn't mean its safe. Blogs and message boards belonging to Sony Pictures, Digg, Google, YouTube and Washington State University have all hosted malicious comment spam recently, and My.BarackObama.com was infected with malicious comment spam.
2) The Top Search Results from Google are Safe, Right? Search engine poisoningis growing in popularity and used by cybercriminals to boost links to Web sites with malicious code or spam, up in the search rankings. Many users assume that the top results are "safe" but really they are directed to infected Web sites. For example in March, basketball fans who typed "March Madness" into their Google search bar and clicked on many of the top ranking links were actually led to Web sites infected with "rogue antivirus" software (see number 3).
3) You're Really NOT Infected; Be Careful Before You Download That In the past year Cybercriminals have increasingly used what's known as "rogue antivirus" to get information like credit card numbers and other private information from Web users. Typically, rogue antivirus authors use search engine poisoning to drive traffic to sites they own or have infected (as noted above). Often they post links on blogs and forums that link back to a malicious site under their control. When a user visits these Web sites, a window pops up warning them that their computer has been infected with malware. The user is prompted to pay money and download an "antivirus" software program to clean their system. In reality, the attackers have tricked the user into disclosing their credit card information to pay for the fake software as well as successfully installed malware on the user's machine. One example is the well-publicized Conficker worm that infected millions of computers around the world. Some users with the Conficker worm observed a file downloaded onto their machine. Upon running the file, the user was asked to pay US$49.95 to remove the "detected threat."
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.