ISSE 2009: Geographically targeted attacks could be future of social network threats

He told the audience that messages on social networks could read along the lines of “a bomb has just gone off in xxx”, where the location is filled in with a city near the user, based on geographical IP information.

Tanase said it is only a matter of time before these targeted attacks become automated.

The same logic of fooling victims by using geographical information is being used by Nigerian phishing scammers who use translation software to target potential victims in their own language.

Social networks: increasing popularity = increasing threats?

In the ISSE 2009 presentation, Tanase demonstrated the increasing popularity of social networks, the importance placed on them, and how this makes them attractive to cybercriminals.

Recently, Facebook reached over 300 million users worldwide, and with such a wide user base, social networks become more and more attractive to malware writers and cybercriminals.

According to Kaspersky figures, there were 43 000 samples of social networking malware at the end of 2008 and the number more than doubled every year.

A particular trait of social networking malware is that it tends to exploit the human factor, luring users into infecting their own computers.

The Web 2.0 worm Koobface has proven itself very effective, Tanase said. It only spreads through social networks and its ‘success’ rate is much higher than for traditional email worms. Social networking worms have a 10% success rate, whereas email worms have a 1% success rate – perhaps because people trust direct messages from ‘friends’ more than emails from unknown senders. Social network malware exploits trust relationships, Tanase added.

Social networks do not pay enough attention to security as their main focus is to have high visibility and keep up with users and their demands. As a result, applications offered within social networks could contain malware running behind them without users being aware.
