Online Social Networks




            Photo provided by http://flickr.com/photos/luc/1804295568/ via GNUCITIZEN



5 threats and 5 ways to use them safely
What are Online Social Networks?
   Online community of Internet users
   Users share common interests
    −   Hobbies
    −   Religion
    −   Politics
    −   Friends
    −   Schools

   Multiple ways for users to interact such as
    chat, messaging, email, video, voice chat, file
    sharing, blogging, discussion groups...
Who uses Online Social Networks?
   Most popular with “Generation-Y”
   “Teens and Tweens”
   “Generation-X” and older is the latest trend
Most Popular Social Networking Web Sites
Top 5 Threats to Online Social Networks
#1 Cyberbullying, stalking, and sexual predators




     Teens bashing other teens...
     Megan Meier suicide
     MySpace released a report in 2007 showing
      29,000 registered sex offenders on MySpace
#2 Vulnerabilities in Applications/Widgets

    Widgets, third-party applications
    XSS (Cross Site Scripting) Samy/Quicktime
    Malicious banner ads/background images (Alicia
     Keys’)
    Be careful! Some applications will override privacy
     settings!




From the blog post: “Invading the Space: Alicia Keys’ MySpace and… RBN?”
http://blog.trendmicro.com/invading-the-space-alicia-keys-myspace-and-rbn/
#3 Spear Phishing and SPAM
   Fake “friend requests”
   Emails that look like they are legitimate!




                     Screen shot courtesy of Paul Asadoorian, pauldotcom.com
#4 Collection and aggregation of personal data
   Most privacy policies are very vague
   Think about it...$35 per user when MySpace
    was sold to News Corp in 2005
   Sites like Plaxo aggregate all of these social
    networks together

    The following is an example of a privacy statement:

    “[SNS Provider] also logs non-personally identifiable
    information including IP address, profile information,
    aggregate user data, and browser type, from users and
    visitors to the site. This data is used to manage the
    website, track usage and improve the website services.
    This non-personally-identifiable information may be
    shared with third-parties to provide more relevant
    services and advertisements to members.”

    - From the ENISA position paper “Security Issues and
    Recommendations for Online Social Networks”
#5 Evil Twin Attacks




                       Chris Pirillo by Alan Berner - The Seattle Times

   Fake profiles
   Reputation slander
   Corporate espionage (LinkedIn)
   Weak authentication of the user (are you who
    you say you are?)
Top 5 Ways to Safely use Online Social Networks
#1 Set appropriate privacy defaults
   All Social Networking sites have wide-open
    privacy defaults!
#2 Be careful with third-party applications/widgets
   Some of these applications will override
    privacy settings
   Example: “Secret Crush” Facebook
    application
    −   Installed adware “worm”




                           Photos from Fortinet: http://www.fortiguardcenter.com/advisory/FGA-2007-16.html
#3 Limit personal information
   Don’t post your full name, SSN, address, etc.
   Be cautious about posting information that
    could be used to identify you or locate you
    offline
   Careful with choosing an online alias and what
    it says about you


“The more info you share, the more valuable you are”
#4 Only accept friend requests/connections from people you know directly
   Most are SPAM
   Most are bots that want to trick you!
   LinkedIn
    −   Be aware of corporate espionage!
#5 Only post information your mother is comfortable seeing!
   Anyone can view these photos including
    employers, friends, and enemies
   Don't trust a private profile!




            “Use common sense!”
Questions?
tom@spylogic.net
http://spylogic.net
