Beware of phony friends
Recent studies show that more and more small businesses are catching on to Facebook, LinkedIn and other social networking sites as powerful workplace tools. According to a study published by New York-based AMI Partners, the number of small businesses using social networking services is expected to double this year. Increasingly, business workers are using these sites to communicate with colleagues, prospects, business partners and clients. Numerous studies cite the usefulness of social networks in competing under current market conditions. And because networks such as Facebook, LinkedIn, Twitter, Bebo and Ning cost little or nothing to join, there’s no reason why small business owners shouldn’t try them for the purpose of expanding their businesses, demonstrating their innovation as a company. Beware of being compromised However, if your customers are using social networking as a business tool, you need to make sure they are risk-aware. According to a recent internet security threat report, web-based attacks are now the primary vector for malicious activity over the internet. The report states that the continued growth of the internet presents attackers with an ever-increasing range of targets as well as means to launch malicious activity. Added to this, a continuous rise in social networking attacks has been observed. Last year, both Twitter and Facebook landed in the news when they were hit with phishing attacks. In one, hackers created fake Twitter accounts to follow legitimate users. Cybercriminals sent the user a link to a profile page containing an additional link to a phishing site. The site asked for a username and password, and victims who entered their account details found their accounts compromised. Facebook accounts are also becoming an increasingly popular target. Once hijacked, compromised accounts send messages to their connected accounts, (direct friends and friends of a friend) and if recipients follow the link to the suggested web page, malicious code attempts to install itself on the user’s computer. Spam attacks from bogus social networking sites have also surfaced. Fake emails from well-known sites prompt recipients to download video players to view ‘adult’ video clips. However, the player is, in fact, malicious code. Remind your customers that emails relating to celebrity news, pleas for money from Facebook friends, and unsolicited invitations to join online groups are used by criminals to gain access to private information. It is good to remind your small business customers who are harnessing social networking that messages from friends might not really be from them. A compromised business account can cause business downtime and do considerable damage to your customer’s brand and reputation. Complete protection To protect your business against these types of threats, you need to implement a best-practice security policy. This includes using comprehensive endpoint security products that include anti-virus, anti-phishing and anti-spam software, firewalls, toolbar blockers and other software-detection solutions. As some phishing attacks may use spyware and/or keystroke-logging applications, staff education is also critical. Advise employees not to disclose confidential, personal or financial information unless they can confirm the request is legitimate. Educating employees to avoid scams is a valuable step for any business. Today, more small businesses are learning that social networking sites can provide a genuine competitive edge, whether it’s by finding and forging deeper ties with customers or by empowering employees. However, it is your job to help small business owners understand that there are security precautions to observe. The increasing use of social networking sites makes them a potential target for cybercriminals intent on stealing identities, spreading viruses and compromising networks.