The bad side of the growing popularity of social media

With the proliferation of social media, everyone — or at least those less vigilant about managing online accounts — is becoming more vulnerable to phishing and other forms of cyber attacks.

Try reviewing your Facebook stream of friend updates. Although most appear harmless, some posts are actually done without their consent. Links to certain videos, and recently, photo of the dead Osama bin Laden, started to get posted on every friend’s wall. And once you click on such type of links out of curiosity, or because you overly trusted a friend who fell into the trap, you become the next assigned distributor of malicious links. This time it’s your turn to spam your own set of friends in an automated fashion.

Not that these friends are dumb, but to the untrained eye, it’s hard to distinguish such sneaky attacks disguised as attractive photos or apparently interesting videos. Another link difficult to uncover without clicking on it are shared links on web pages encapsulated within a shortened URLs. While Twitter applications or browser extensions allow users to preview a shortened URL before clicking it, Facebook doesn’t offer the same feature, which leaves users to fend for themselves in times of trouble. If friends unwittingly click these shortened URLs that open up malicious sites and trigger scripts that automatically invite friends to do the same, one also has to deal with embarrassment before social media connections who think he or she is a gullible fellow to fall for such fake invites.

Certainly users should avoid clicking on shortened URLs that appear on Facebook’s feed streams. Shortened URLs are web addresses only a few characters long, which redirect users to a website with a longer address. The limitation of Twitter’s character count provided an excuse to use them, however Facebook allows much more space which renders these URL shorteners unnecessary. But if users click whatever is clickable: ads, photos, likes and whatever is visible; there is no stopping them from falling into the trap and this worries security experts.

Hong Kong’s Computer Emergency Response Team Co-ordination Centre recorded an increase in security alerts from 220 in 2009 to 308 in 2010. Overall, the agency had 1,153 recorded issues last year, most of which involved hacking attempts. Using social media platforms to set up scams and attempts to steal personal information is more effective than a random email because friends are perceived as more trustworthy people than strangers. Plus, spam emails don’t get past spam folders anyway.

Even though the threat is getting more serious, security experts don’t have to dig deeper in their bag of tricks for advice. Here are simple tips drawn from common sense.

1. Do not add strangers on social media. Even if they claim they know your friends.
2. Do not share personal details — like your exact birthday — in public, even if social media is synonymous to sharing.
3. Do not easily trust anyone. Someone else might be impersonating someone you know.