According to the results of a survey conducted by Kaspersky Lab and B2B International, only a small number of respondents understand the risks associated with active use of social networks. At greatest risk are those who use mobile devices to access social networking sites.
The survey shows that communication via social networks is one of the most popular activities on the Internet. Overall, social networking was the third most popular activity after checking email and reading, and was even more popular on mobile devices – ranking second.
At the same time, 78% of the respondents do not think they are of any interest to hackers or do not even think about this issue. Every tenth user discusses private information with strangers, while another 15% of those surveyed use social networks to share information they would never disclose in the real life. Furthermore, 12% of respondents enter their data to online accounts while connected to public Wi-Fi. Only 18% think they reveal more personal information than they should on social networks, and only 7% of respondents include their social network credentials in the list of three types of information they are most afraid of losing.
Careless user behaviour can lead to unpleasant consequences. Attackers often look through social networks searching for information inadvertently left by the user. This information may help them in committing a crime: email addresses can be used for fraudulent schemes; some information may help them break a password or identify a user location and much more. In turn, access to a user account can give cyber criminals even more opportunities, including sending malicious links and files to the target’s "friends", stealing personal data that will later be sold on the black market, etc.
Statistics show that hacker interest in social networks is not dying out. According to Kaspersky Security Network data, in 2013 Kaspersky Lab products blocked more than 600 million attempts to visit a phishing (fake) page and over 35% of these sites imitated social networking sites. The survey also shows that 40% of users faced suspicious messages asking them to follow an unknown link or download a potentially malicious file, and 21% of users received emails sent allegedly by a social network in an attempt to obtain their credentials.
Moreover, mobile users often find themselves in even greater danger: only 6% of all respondents stated their social network accounts had been "taken over" by hackers, while among the owners of Android based-tablets this figure reached 13%. In addition, the number of victims varies depending not only on the device used but also on the place of residence: unauthorized access to social network accounts was reported by 16% of the users in China and the Asia-Pacific region, 19% in Russia, and only 2% of Japanese and 4% of North American respondents.
To avoid falling victim to fraudsters in social networks, users are recommended to follow a few simple rules:
- Use strong passwords for your accounts and disable the auto-complete function, especially if you log in from your smartphone or tablet;
- Restrict the amount of information you share on the network; divide your "friends" into groups so that you can share something very personal only with those you really trust;
- Do not download files, do not follow the links if you are not sure who has sent them and why;
- Before you enter your credentials, make sure it is not a fake page created in order to get your username and password;
- Try to use a secure connection if possible, do not enter your login and password when connecting to the first hotspot you come across;
- And most importantly, make sure the device you use to enter a social network is well protected: use a password to access the device and a reliable security solution.
For example, the next generation security solution for home users Kaspersky Internet Security – Multi-Device recently presented by Kaspersky Lab is capable of protecting multiple devices, be it computers running Microsoft Windows, Apple OS X or smartphones and tablets based on Android, iOS and Windows Phone. The Anti-phishing module on all of these platforms checks the sites the user opens and verifies the authenticity of certificates, preventing the user from falling victim to fraudsters. In addition, the owners of Windows, Android and OS X devices are protected from any attempts to steal their credentials by using malicious software, be it keyloggers intercepting usernames and passwords or Trojans "creating" extra fake fields on legitimate websites. In addition, Kaspersky Internet Security checks the Wi-Fi connection and warns if it is not securely protected and could be used to steal personal data.