Facebook Hacked

Just one day after Mark Zuckerberg’s Facebook page was hacked,Facebook responded with a whole menu of new security features.  More than just a publicity stunt, the quick response included some key changes that all Facebook users should know.

Read on for all you need to know about these five, key new tools.

1. HTTPS-enabled browsing protects users against password stealing on public networks and hacking schemes like the Firefox add-on Firesheep by creating a secure connection, even if the network is insecure.  Good news for sure, but Facebook has still left it up to the individual user to enable the HTTPS browsing themselves.  First, go to “Account Settings” under “Account” on the upper right of your screen, then down to “Account Security” and click “Change,” which will allow you to enable HTTPS browsing. You can also choose to receive an email when a new computer or device logs into your account.  One fair warning, however, is that HTTPS can sometimes dramatically decrease your page loading time, meaning what you gain in security, you may lose in speed.

Continue Reading

OpenDNS, the world’s largest provider of Internet navigation and security services, has just released some interesting statistics about the websites that are commonly blocked, and the websites that network administrators give access to their users in 2010. The report also ventures into detailing the sites that endured the most online scams in 2010.

“Overall, 2010 was all about social, and this trend is reflected in the data we’re seeing at OpenDNS. Facebook is both one of the most blocked and the most allowed websites, reflecting the push/pull of allowing social sites in schools and the workplace,” said OpenDNS Founder and CEO David Ulevitch. “This trend was also apparent in the phishing data we analyzed, where Facebook and other websites focusing on social gaming were frequently the targets of online scammers.”

Facebook was the top most blocked website in 2010, and the second most frequently whitelisted website, with more than 14 percent of all admins who block websites on their networks choose to block Facebook. The top three most frequently blocked websites included Facebook, MySpace and YouTube, with pornography being the top most blocked category.

Paypal topped the list of site, that endured the most phishing attacks, with 45 percent of all phishing attempts made in 2010 were targeting PayPal. Paypal receives such astounding number of phishing attacks that Facebook, which came at no. 2 on the list, receives 9 times less attacks as were targeted towards Paypal. But with Paypal being the world’s top financial service, this is hardly a surprise to anyone.

Social networks and Social games are the most phished brands on internet, with five out of top ten phished sites, belonging to this category. These five sites include, Facebook, World of Warcraft, Sulake Corporation (makers of Habbo), Steam and Tibia (online games).

Related Blogs

According to the latest security report published by Sophos, spam and phishing attacks have substantially increased, on social networking sites, over the past year. Of the 1000 respondents which were polled, around 82 percent named Facebook as the biggest threat to security. This is a 22 percent increase compared to the survey of last year.

Sophos polls suggest that around 40 percent of the users quizzed, have received malware such as worms via social networking sites. This is nearly 90 percent increase since April 2009.

According to the survey, the proportion of spam has doubled since April 2009. Two third (67 percent) of the users had been spammed through the social networking sites. The incidents of phishing attacks also grew twice in size since April 2009, with 43 percent on the receiving end of phishing attacks.

Graham Cluley, senior technology consultant at Sophos said:

The problem of security threats posed by social networks is not limited to only home users. Access to social networking accounts from the workplace, makes the sites a potential vector for attacks against businesses.

Cybercriminals are showing a drastically higher level of interest in social networks than ever before; with Facebook being the site they are targeting the most. The report cites Facebook’s app system to be a major security vulnerability. Facebook allows any user to create an application, with a wide range of powers to interact with data stored on user pages and cross-site messaging systems. These applications, like survey scams, can then be installed and run on any users’ page.

Sophos wants Facebook to employ a “walled garden” approach to address the app problem, similar to what Apple App Store does. Applications in Apple’s App Store require official approval from Apple, before they can be uploaded to the site and shared with other users. Such an initial check prevents fraudulent and scam apps from making their way into the store. If Facebook employs this functionality, a lot of issues could be resolved before they go viral on Facebook.

Graham Cluley also criticized Facebook‘s awkwardly developed features which allow rogue application developers to access users’ private information. “Either Facebook simply doesn’t “get” security and privacy. Or it just don’t care” he said.

According to Cluley, if Facebook will keeping ignoring privacy and security concerns, there will be serious problems.

Related Blogs