SlideShare ist ein Scribd-Unternehmen logo

Social networking malware

‱
‱
GFI Software
GFI Software

Social networking has changed the way businesses communicate with their customers and partners, with most organizations now incorporating social media into their marketing and communications strategies. Unsurprisingly, the popularity of this new media has also created an influx of social-specific malware.

TechnologieBusiness
1 von 5
Downloaden Sie, um offline zu lesen
GFI White Paper Social networking malware: The dangers facing SMBs Social networking has changed the way businesses communicate with their customers and partners, with most organizations now incorporating social media into their marketing and communications strategies. Unsurprisingly, the popularity of this new media has also created an influx of social-specific malware.
Contents Introduction 3 Making friends, followers and circles 3 The growth of social malware 3 The risk to your business 3 The need for layered security 3 Conclusion 4 About GFI VIPRE¼ Antivirus Business 4 About GFI 4 Hackers don’t discriminate: Viruses attack all platform users 2
This white paper describes the rise of social networking, the types of malware targeting social platforms and how small and medium-sized businesses (SMBs) can protect themselves against the latest social threats. Making friends, followers and circles In the first eight months of 2011, Facebook added over 250 million users. Similarly, Tumblr use grew 166 percent this year, with the popular micro-blogging site now boasting 10.7 million users. Today, the average person spends 16 percent of his or her time online at social sites, like Facebook and Tumblr, often checking these sites from work or on company-supplied laptops and smartphones.1 And employers, for the most part, don’t discourage social networking on these devices during off-hours. The growth of social malware Recent reports from various security research labs show a 20 to 40 percent increase in malware targeting social networking sites. And cybercriminals are very clever in luring social-site users to unwittingly download viruses and malware. For example, a malicious link may prompt an application or file download to view a news article or video. If a user complies, malware installs on his or her device and quickly spreads throughout their corporate network. Cybercriminals also benefit from the weak passwords individuals use to log into social sites. They know “many people still use the same username and password for all their online activities, including banking, shopping and email,” says Chris Boyd, GFI Software senior threat researcher, and they take advantage of it. Some malware attacks create a dangerous domino effect, such as hacked Twitter accounts tweeting malicious links to unsuspecting followers and spreading malware exponentially. This chain-reaction malware is not limited to Twitter, as GFI Software found in recent Facebook survey scams. Here, cybercriminals offer free merchandise for participation in surveys and suggest sharing the survey on your Facebook wall, so your friends can also win. At best, those that completed the survey saw an increase in spam. At worst, their personal and financial information was stolen by identity thieves. The risk to your business Malicious attacks, on social networks and through other mediums, are the number one cause of data breaches2, surpassing lost or stolen laptops and accidental sharing. These attacks impact businesses most notably from a cost perspective. Direct costs include detection, remediation and notification efforts as well as tech support, credit monitoring and legal fees. Based on a review of 51 businesses that suffered data breaches of between 4,200 and 105,000 records, the Ponemon Institute reported the average cost per contaminated record due to a malicious attack as $318.3 Indirect costs of malicious attacks were also considered in the Ponemon Institute estimate. These include IT resources diverted from other projects to focus on repair and damage control as well as sales, marketing, customer service and management teams shifting tasks to emergency communication efforts to repair customer trust. In addition to increased costs, businesses risk the loss of intellectual property from a malware attack. If a cybercriminal gains access to a corporate network, that company stands to lose new product development plans, confidential marketing or shareholder information and other types of intellectual capital. comScore, June 2011, http://blog.comscore.com/2011/06/facebook_linkedin_twitter_tumblr.html 1 Ponemon Institute, 2010 Annual Study: U.S. Cost of a Data Breach 2 Ponemon Institute, 2010 Annual Study: U.S. Cost of a Data Breach 3 Social networking malware: The dangers facing SMBs 3
The need for layered security Malware attacks are expensive for any company, but for SMBs, costs are magnified. The best strategy for these businesses to protect against social networking malware is a two-pronged approach: education and technology. The easiest way to prepare employees for the types of malware they may come across is by showing them examples. Share screenshots of Facebook scams, Twitter hacks or fake LinkedIn invitations. Start a monthly newsletter that offers quick tips on avoiding social malware, such as creating strong passwords, only using trustworthy news sources and not clicking on questionable links. When employees realize how convincing these attacks can be, they will also understand how to avoid them. In addition to employee education, a business antivirus solution is essential in protecting against social malware. Not all AV solutions are equal, and the one you choose should include: » Powerful scanning technology. High-quality AV solutions will analyze and detect potential viruses and malware before they infect user machines » Active monitoring and protection. Most SMBs don’t have the time or resources to constantly monitor their networks for security threats. Invest in a solution that protects your network and user machines in real time, automatically. » Malicious web filtering. Block bad URLs before they hit your network with a solution that uses the latest behavioral analysis and malware URL detection technology. Conclusion Rather than face the risks associated with social networking, some SMBs have chosen to ban the use of these applications at the workplace. But in today’s interconnected world, where there are real business benefits from social media, this is not a realistic strategy. Companies must take a practical approach in protecting their organizations against malware attacks, by combining employee education with powerful AV security solutions. About GFI VIPREÂź Antivirus Business VIPRE Antivirus Business combines the latest antivirus and anti-spyware detection and removal technologies to protect against next-generation malware threats in a comprehensive and highly efficient manner. Built by IT administrators for IT administrators, VIPRE is easy to install, easy to deploy and easy to manage with minimal network and system performance impact. The solution delivers superior endpoint protection against viruses, worms, spyware, Trojans, bots and rootkits via a single, powerful anti-malware engine and wide range of detection methods, including Cobraℱ heuristics for first-level heuristic analysis and Active Protectionℱ for real-time malware detection inside the Windows kernel. For more information, visit http://www.gfi.com/business-antivirus-software. About GFI GFI Software provides web and mail security, archiving, backup and fax, networking and security software and hosted IT solutions for small to medium-sized businesses (SMBs) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMBs, GFI satisfies the IT needs of organizations on a global scale. The company has offices in the United States (North Carolina, California and Florida), UK (London and Dundee), Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold Certified Partner. More information about GFI can be found at http://www.gfi.com. Hackers don’t discriminate: Viruses attack all platform users 4
USA, CANADA AND CENTRAL AND SOUTH AMERICA GFI 2011 Nov01 33 North Garden Ave, Suite 1200, Clearwater, FL USA Telephone: +1 (888) 688-8457 Fax: +1 (727) 562-5199 ussales@gfi.com 15300 Weston Parkway, Suite 104, Cary, NC 27513, USA Telephone: +1 (888) 243-4329 Fax: +1 (919) 379-3402 ussales@gfi.com UK AND REPUBLIC OF IRELAND Magna House, 18-32 London Road, Staines, Middlesex, TW18 4BP, UK Telephone: +44 (0) 870 770 5370 Fax: +44 (0) 870 770 5377 sales@gfi.co.uk EUROPE, MIDDLE EAST AND AFRICA GFI House, San Andrea Street, San Gwann, SGN 1612, Malta Telephone: +356 2205 2000 Fax: +356 2138 2419 sales@gfi.com AUSTRALIA AND NEW ZEALAND 83 King William Road, Unley 5061, South Australia Telephone: +61 8 8273 3000 Fax: +61 8 8273 3099 sales@gfiap.com For a full list of GFI offices/contact details worldwide, please visit http://www.gfi.com/contactus Disclaimer © 2011. GFI Software. All rights reserved. All product and company names herein may be trademarks of their respective owners. The information and content in this document is provided for informational purposes only and is provided “as is” with no warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-infringement. GFI Software is not liable for any damages, including any consequential damages, of any kind that may result from the use of this document. The information is obtained from publicly available sources. Though reasonable effort has been made to ensure the accuracy of the data provided, GFI makes no claim, promise or guarantee about the completeness, accuracy, recency or adequacy of information and is not responsible for misprints, out- of-date information, or errors. GFI makes no warranty, express or implied, and assumes no legal liability or responsibility for the accuracy or completeness of any information contained in this document. If you believe there are any factual errors in this document, please contact us and we will review your concerns as soon as practical.

Empfohlen

Perfect place to get the home loans
Perfect place to get the home loansPerfect place to get the home loans
Perfect place to get the home loans
CreditNation
 
0 mq the guide
0 mq the guide0 mq the guide
0 mq the guide
hik_lhz
 
Company Profile of J J Project Consultants
Company Profile of J J Project ConsultantsCompany Profile of J J Project Consultants
Company Profile of J J Project Consultants
Jayant Joshi
 
J79 1063
J79 1063J79 1063
J79 1063
Jahanzeb Jahan
 
Liberate health
Liberate healthLiberate health
Liberate health
LiberateHealth
 
Company Profile For Ruwach Hub Pty Ltd and Humanitarian Work 2016
Company Profile For Ruwach Hub Pty Ltd and Humanitarian Work 2016Company Profile For Ruwach Hub Pty Ltd and Humanitarian Work 2016
Company Profile For Ruwach Hub Pty Ltd and Humanitarian Work 2016
Thuli - Ayomide Buthelezi
 
Beyond natural mind
Beyond natural mindBeyond natural mind
Beyond natural mind
Adams Coulibaly
 
Plaintiff's response to defendant's motion to dismeiss action for failure to ...
Plaintiff's response to defendant's motion to dismeiss action for failure to ...Plaintiff's response to defendant's motion to dismeiss action for failure to ...
Plaintiff's response to defendant's motion to dismeiss action for failure to ...
Cocoselul Inaripat
 

Empfohlen

Perfect place to get the home loans
Perfect place to get the home loansPerfect place to get the home loans
Perfect place to get the home loans
CreditNation
 
0 mq the guide
0 mq the guide0 mq the guide
0 mq the guide
hik_lhz
 
Company Profile of J J Project Consultants
Company Profile of J J Project ConsultantsCompany Profile of J J Project Consultants
Company Profile of J J Project Consultants
Jayant Joshi
 
J79 1063
J79 1063J79 1063
J79 1063
Jahanzeb Jahan
 
Liberate health
Liberate healthLiberate health
Liberate health
LiberateHealth
 
Company Profile For Ruwach Hub Pty Ltd and Humanitarian Work 2016
Company Profile For Ruwach Hub Pty Ltd and Humanitarian Work 2016Company Profile For Ruwach Hub Pty Ltd and Humanitarian Work 2016
Company Profile For Ruwach Hub Pty Ltd and Humanitarian Work 2016
Thuli - Ayomide Buthelezi
 
Beyond natural mind
Beyond natural mindBeyond natural mind
Beyond natural mind
Adams Coulibaly
 
Plaintiff's response to defendant's motion to dismeiss action for failure to ...
Plaintiff's response to defendant's motion to dismeiss action for failure to ...Plaintiff's response to defendant's motion to dismeiss action for failure to ...
Plaintiff's response to defendant's motion to dismeiss action for failure to ...
Cocoselul Inaripat
 
U.s. history pacing guide 2011
U.s. history pacing guide 2011U.s. history pacing guide 2011
U.s. history pacing guide 2011
mrsstrong-clay
 
Smart Cells
Smart CellsSmart Cells
Smart Cells
Michael Peeters
 
Case study: Online store Ownta.com
Case study: Online store Ownta.comCase study: Online store Ownta.com
Case study: Online store Ownta.com
Simtech Development, Ltd.
 
quest diagnostics 03AR_2
quest diagnostics 03AR_2quest diagnostics 03AR_2
quest diagnostics 03AR_2
finance34
 
2014 Owen Sound Visitors Guide
2014 Owen Sound Visitors Guide2014 Owen Sound Visitors Guide
2014 Owen Sound Visitors Guide
City of Owen Sound
 
US China Legal Exchange - 12-9-13
US China Legal Exchange - 12-9-13US China Legal Exchange - 12-9-13
US China Legal Exchange - 12-9-13
Jim Chapman
 
GIS Mapping Webinar Part 3
GIS Mapping Webinar Part 3 GIS Mapping Webinar Part 3
GIS Mapping Webinar Part 3
Legal Services National Technology Assistance Project (LSNTAP)
 
Hire Efficient and Professional Website Designer from Us
Hire Efficient and Professional Website Designer from UsHire Efficient and Professional Website Designer from Us
Hire Efficient and Professional Website Designer from Us
WebGuru Infosystems Pvt. Ltd.
 
ሔለ áŠąáˆ”áˆ‹áˆ ለማወቅ በአማሹኛ.pdf
ሔለ áŠąáˆ”áˆ‹áˆ ለማወቅ በአማሹኛ.pdfሔለ áŠąáˆ”áˆ‹áˆ ለማወቅ በአማሹኛ.pdf
ሔለ áŠąáˆ”áˆ‹áˆ ለማወቅ በአማሹኛ.pdf
Nuradin Sultan
 
Spotlight on GFI EndPoint Security 2013
Spotlight on GFI EndPoint Security 2013Spotlight on GFI EndPoint Security 2013
Spotlight on GFI EndPoint Security 2013
GFI Software
 
Network Environments
Network EnvironmentsNetwork Environments
Network Environments
GFI Software
 
The Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesThe Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage Devices
GFI Software
 
Hybrid Technology
Hybrid TechnologyHybrid Technology
Hybrid Technology
GFI Software
 
Email Continuity
Email ContinuityEmail Continuity
Email Continuity
GFI Software
 
Understanding Data Backups
Understanding Data BackupsUnderstanding Data Backups
Understanding Data Backups
GFI Software
 
Data Backups
Data BackupsData Backups
Data Backups
GFI Software
 
Master Class Series
Master Class SeriesMaster Class Series
Master Class Series
GFI Software
 
Security Threats for SMBs
Security Threats for SMBsSecurity Threats for SMBs
Security Threats for SMBs
GFI Software
 
Security and SMBs
Security and SMBsSecurity and SMBs
Security and SMBs
GFI Software
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Management
GFI Software
 
Deploying GFI EventsManagerℱ
Deploying GFI EventsManagerℱDeploying GFI EventsManagerℱ
Deploying GFI EventsManagerℱ
GFI Software
 
How to Perform Network-wide Security Event Log Management
How to Perform Network-wide Security Event Log ManagementHow to Perform Network-wide Security Event Log Management
How to Perform Network-wide Security Event Log Management
GFI Software
 

Weitere Àhnliche Inhalte

Andere mochten auch

quest diagnostics 03AR_2
quest diagnostics 03AR_2quest diagnostics 03AR_2
quest diagnostics 03AR_2
finance34
 
US China Legal Exchange - 12-9-13
US China Legal Exchange - 12-9-13US China Legal Exchange - 12-9-13
US China Legal Exchange - 12-9-13
Jim Chapman
 
ሔለ áŠąáˆ”áˆ‹áˆ ለማወቅ በአማሹኛ.pdf
ሔለ áŠąáˆ”áˆ‹áˆ ለማወቅ በአማሹኛ.pdfሔለ áŠąáˆ”áˆ‹áˆ ለማወቅ በአማሹኛ.pdf
ሔለ áŠąáˆ”áˆ‹áˆ ለማወቅ በአማሹኛ.pdf
Nuradin Sultan
 

Andere mochten auch (9)

U.s. history pacing guide 2011
U.s. history pacing guide 2011U.s. history pacing guide 2011
U.s. history pacing guide 2011
 
Smart Cells
Smart CellsSmart Cells
Smart Cells
 
Case study: Online store Ownta.com
Case study: Online store Ownta.comCase study: Online store Ownta.com
Case study: Online store Ownta.com
 
quest diagnostics 03AR_2
quest diagnostics 03AR_2quest diagnostics 03AR_2
quest diagnostics 03AR_2
 
2014 Owen Sound Visitors Guide
2014 Owen Sound Visitors Guide2014 Owen Sound Visitors Guide
2014 Owen Sound Visitors Guide
 
US China Legal Exchange - 12-9-13
US China Legal Exchange - 12-9-13US China Legal Exchange - 12-9-13
US China Legal Exchange - 12-9-13
 
GIS Mapping Webinar Part 3
GIS Mapping Webinar Part 3 GIS Mapping Webinar Part 3
GIS Mapping Webinar Part 3
 
Hire Efficient and Professional Website Designer from Us
Hire Efficient and Professional Website Designer from UsHire Efficient and Professional Website Designer from Us
Hire Efficient and Professional Website Designer from Us
 
ሔለ áŠąáˆ”áˆ‹áˆ ለማወቅ በአማሹኛ.pdf
ሔለ áŠąáˆ”áˆ‹áˆ ለማወቅ በአማሹኛ.pdfሔለ áŠąáˆ”áˆ‹áˆ ለማወቅ በአማሹኛ.pdf
ሔለ áŠąáˆ”áˆ‹áˆ ለማወቅ በአማሹኛ.pdf
 

Mehr von GFI Software

Spotlight on GFI EndPoint Security 2013
Spotlight on GFI EndPoint Security 2013Spotlight on GFI EndPoint Security 2013
Spotlight on GFI EndPoint Security 2013
GFI Software
 
Maxmp greylisting
Maxmp greylistingMaxmp greylisting
Maxmp greylisting
GFI Software
 

Mehr von GFI Software (20)

Spotlight on GFI EndPoint Security 2013
Spotlight on GFI EndPoint Security 2013Spotlight on GFI EndPoint Security 2013
Spotlight on GFI EndPoint Security 2013
 
Network Environments
Network EnvironmentsNetwork Environments
Network Environments
 
The Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesThe Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage Devices
 
Hybrid Technology
Hybrid TechnologyHybrid Technology
Hybrid Technology
 
Email Continuity
Email ContinuityEmail Continuity
Email Continuity
 
Understanding Data Backups
Understanding Data BackupsUnderstanding Data Backups
Understanding Data Backups
 
Data Backups
Data BackupsData Backups
Data Backups
 
Master Class Series
Master Class SeriesMaster Class Series
Master Class Series
 
Security Threats for SMBs
Security Threats for SMBsSecurity Threats for SMBs
Security Threats for SMBs
 
Security and SMBs
Security and SMBsSecurity and SMBs
Security and SMBs
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Management
 
Deploying GFI EventsManagerℱ
Deploying GFI EventsManagerℱDeploying GFI EventsManagerℱ
Deploying GFI EventsManagerℱ
 
How to Perform Network-wide Security Event Log Management
How to Perform Network-wide Security Event Log ManagementHow to Perform Network-wide Security Event Log Management
How to Perform Network-wide Security Event Log Management
 
How to configure IBM iSeries event collection with Audit and GFI EventsManager
How to configure IBM iSeries event collection with Audit and GFI EventsManagerHow to configure IBM iSeries event collection with Audit and GFI EventsManager
How to configure IBM iSeries event collection with Audit and GFI EventsManager
 
Email Security Solutions
Email Security SolutionsEmail Security Solutions
Email Security Solutions
 
Maxmp greylisting
Maxmp greylistingMaxmp greylisting
Maxmp greylisting
 
Messaging and Web Security
Messaging and Web SecurityMessaging and Web Security
Messaging and Web Security
 
How to Keep Spam Off Your Network
How to Keep Spam Off Your NetworkHow to Keep Spam Off Your Network
How to Keep Spam Off Your Network
 
How to Block NDR Spam
How to Block NDR SpamHow to Block NDR Spam
How to Block NDR Spam
 
How to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware productHow to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware product
 

KĂŒrzlich hochgeladen

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel AraĂșjo
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 

KĂŒrzlich hochgeladen (20)

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 

Social networking malware

  • 1. GFI White Paper Social networking malware: The dangers facing SMBs Social networking has changed the way businesses communicate with their customers and partners, with most organizations now incorporating social media into their marketing and communications strategies. Unsurprisingly, the popularity of this new media has also created an influx of social-specific malware.
  • 2. Contents Introduction 3 Making friends, followers and circles 3 The growth of social malware 3 The risk to your business 3 The need for layered security 3 Conclusion 4 About GFI VIPREÂź Antivirus Business 4 About GFI 4 Hackers don’t discriminate: Viruses attack all platform users 2
  • 3. This white paper describes the rise of social networking, the types of malware targeting social platforms and how small and medium-sized businesses (SMBs) can protect themselves against the latest social threats. Making friends, followers and circles In the first eight months of 2011, Facebook added over 250 million users. Similarly, Tumblr use grew 166 percent this year, with the popular micro-blogging site now boasting 10.7 million users. Today, the average person spends 16 percent of his or her time online at social sites, like Facebook and Tumblr, often checking these sites from work or on company-supplied laptops and smartphones.1 And employers, for the most part, don’t discourage social networking on these devices during off-hours. The growth of social malware Recent reports from various security research labs show a 20 to 40 percent increase in malware targeting social networking sites. And cybercriminals are very clever in luring social-site users to unwittingly download viruses and malware. For example, a malicious link may prompt an application or file download to view a news article or video. If a user complies, malware installs on his or her device and quickly spreads throughout their corporate network. Cybercriminals also benefit from the weak passwords individuals use to log into social sites. They know “many people still use the same username and password for all their online activities, including banking, shopping and email,” says Chris Boyd, GFI Software senior threat researcher, and they take advantage of it. Some malware attacks create a dangerous domino effect, such as hacked Twitter accounts tweeting malicious links to unsuspecting followers and spreading malware exponentially. This chain-reaction malware is not limited to Twitter, as GFI Software found in recent Facebook survey scams. Here, cybercriminals offer free merchandise for participation in surveys and suggest sharing the survey on your Facebook wall, so your friends can also win. At best, those that completed the survey saw an increase in spam. At worst, their personal and financial information was stolen by identity thieves. The risk to your business Malicious attacks, on social networks and through other mediums, are the number one cause of data breaches2, surpassing lost or stolen laptops and accidental sharing. These attacks impact businesses most notably from a cost perspective. Direct costs include detection, remediation and notification efforts as well as tech support, credit monitoring and legal fees. Based on a review of 51 businesses that suffered data breaches of between 4,200 and 105,000 records, the Ponemon Institute reported the average cost per contaminated record due to a malicious attack as $318.3 Indirect costs of malicious attacks were also considered in the Ponemon Institute estimate. These include IT resources diverted from other projects to focus on repair and damage control as well as sales, marketing, customer service and management teams shifting tasks to emergency communication efforts to repair customer trust. In addition to increased costs, businesses risk the loss of intellectual property from a malware attack. If a cybercriminal gains access to a corporate network, that company stands to lose new product development plans, confidential marketing or shareholder information and other types of intellectual capital. comScore, June 2011, http://blog.comscore.com/2011/06/facebook_linkedin_twitter_tumblr.html 1 Ponemon Institute, 2010 Annual Study: U.S. Cost of a Data Breach 2 Ponemon Institute, 2010 Annual Study: U.S. Cost of a Data Breach 3 Social networking malware: The dangers facing SMBs 3
  • 4. The need for layered security Malware attacks are expensive for any company, but for SMBs, costs are magnified. The best strategy for these businesses to protect against social networking malware is a two-pronged approach: education and technology. The easiest way to prepare employees for the types of malware they may come across is by showing them examples. Share screenshots of Facebook scams, Twitter hacks or fake LinkedIn invitations. Start a monthly newsletter that offers quick tips on avoiding social malware, such as creating strong passwords, only using trustworthy news sources and not clicking on questionable links. When employees realize how convincing these attacks can be, they will also understand how to avoid them. In addition to employee education, a business antivirus solution is essential in protecting against social malware. Not all AV solutions are equal, and the one you choose should include: » Powerful scanning technology. High-quality AV solutions will analyze and detect potential viruses and malware before they infect user machines » Active monitoring and protection. Most SMBs don’t have the time or resources to constantly monitor their networks for security threats. Invest in a solution that protects your network and user machines in real time, automatically. » Malicious web filtering. Block bad URLs before they hit your network with a solution that uses the latest behavioral analysis and malware URL detection technology. Conclusion Rather than face the risks associated with social networking, some SMBs have chosen to ban the use of these applications at the workplace. But in today’s interconnected world, where there are real business benefits from social media, this is not a realistic strategy. Companies must take a practical approach in protecting their organizations against malware attacks, by combining employee education with powerful AV security solutions. About GFI VIPREÂź Antivirus Business VIPRE Antivirus Business combines the latest antivirus and anti-spyware detection and removal technologies to protect against next-generation malware threats in a comprehensive and highly efficient manner. Built by IT administrators for IT administrators, VIPRE is easy to install, easy to deploy and easy to manage with minimal network and system performance impact. The solution delivers superior endpoint protection against viruses, worms, spyware, Trojans, bots and rootkits via a single, powerful anti-malware engine and wide range of detection methods, including Cobraℱ heuristics for first-level heuristic analysis and Active Protectionℱ for real-time malware detection inside the Windows kernel. For more information, visit http://www.gfi.com/business-antivirus-software. About GFI GFI Software provides web and mail security, archiving, backup and fax, networking and security software and hosted IT solutions for small to medium-sized businesses (SMBs) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMBs, GFI satisfies the IT needs of organizations on a global scale. The company has offices in the United States (North Carolina, California and Florida), UK (London and Dundee), Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold Certified Partner. More information about GFI can be found at http://www.gfi.com. Hackers don’t discriminate: Viruses attack all platform users 4
  • 5. USA, CANADA AND CENTRAL AND SOUTH AMERICA GFI 2011 Nov01 33 North Garden Ave, Suite 1200, Clearwater, FL USA Telephone: +1 (888) 688-8457 Fax: +1 (727) 562-5199 ussales@gfi.com 15300 Weston Parkway, Suite 104, Cary, NC 27513, USA Telephone: +1 (888) 243-4329 Fax: +1 (919) 379-3402 ussales@gfi.com UK AND REPUBLIC OF IRELAND Magna House, 18-32 London Road, Staines, Middlesex, TW18 4BP, UK Telephone: +44 (0) 870 770 5370 Fax: +44 (0) 870 770 5377 sales@gfi.co.uk EUROPE, MIDDLE EAST AND AFRICA GFI House, San Andrea Street, San Gwann, SGN 1612, Malta Telephone: +356 2205 2000 Fax: +356 2138 2419 sales@gfi.com AUSTRALIA AND NEW ZEALAND 83 King William Road, Unley 5061, South Australia Telephone: +61 8 8273 3000 Fax: +61 8 8273 3099 sales@gfiap.com For a full list of GFI offices/contact details worldwide, please visit http://www.gfi.com/contactus Disclaimer © 2011. GFI Software. All rights reserved. All product and company names herein may be trademarks of their respective owners. The information and content in this document is provided for informational purposes only and is provided “as is” with no warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-infringement. GFI Software is not liable for any damages, including any consequential damages, of any kind that may result from the use of this document. The information is obtained from publicly available sources. Though reasonable effort has been made to ensure the accuracy of the data provided, GFI makes no claim, promise or guarantee about the completeness, accuracy, recency or adequacy of information and is not responsible for misprints, out- of-date information, or errors. GFI makes no warranty, express or implied, and assumes no legal liability or responsibility for the accuracy or completeness of any information contained in this document. If you believe there are any factual errors in this document, please contact us and we will review your concerns as soon as practical.