By Anne Collier
Don’t be socially engineered. Tell your kids that social Web users really need to think before they click, because writing malicious code isn’t cybercriminals’ only skill. Increasingly it’s social engineering, which usually involves being tricked to click on a link that is not what it appears. Attacks on Facebook and Twitter, the two social-media services on which malicious hackers are focusing more and more aggressively, depend on “rapidly disseminating content to millions of users,” USATODAY reports. How is that done? The attackers pose as people you follow or who are on your friends list and post links in tweets or status updates. It can be hard to tell it’s not the person you know or follow, but it helps to make sure there’s other information in the post, the kind your friend or colleague is likely to post – not just something empty and random like “Hey, check out this page/video/photo.” If you or your kids follow the occasional celebrity, be extra alert. That would be an attractive page or profile for a hacker to attack because of all the fans who’d instantly see that link! Pickpockets work crowded places, right? Also be extra alert about clicking to surveys, contests, and “easy” moneymaking opps. “Often … spam comes from ‘clickjackers’ who make money by getting users to click to a webpage full of ads, or to an advertising-related survey. They get paid up to $1 a click from advertisers, and can make hundreds of thousands of dollars a day,” USATODAY adds. For example, in Twitter, spammers recently used a mouse-over feature: “Anyone who simply moused over a corrupted … tweet caused an identical tainted tweet to be sent to all of his or her followers,” according to the article (I use Twitter apps Tweetdeck and Twitteriffic more than the Twitter Web site, which can help).
Addendum: Just found this fun, readable account of the Twitter mouse-over worm’s creation by a 17-year-old Australian, from eModeration’s Kate Williams in the UK, who says to us parents (and she’s right): “People, it’s in the job description: Our unenviable but unshirkable task is to direct our offspring’s terrifying ingenuity toward ‘positive outcomes’ and away from the making-others-miserable thing. It’s all the more vital because the Web infinitely expands their capacity to do casual damage; just as its intrinsic anonymity increases the temptation to behave badly by reducing the possibility of being caught.” In other words, as Prof. Henry Jenkins at USC says, quoting Uncle Ben advising young Peter Parker (aka Spider-Man”): “With great power comes great responsibility” and, he told our OSTWG task force last fall, young people “are looking for guidance often [in their use of new media] but don’t know where to turn.” How about their (informed) parents?!