This October has been declared National Cyber Security Awareness Month, a month in which Americans are encouraged to learn more about the “national security priority” that is the US communications infrastructure.
“Cyber attacks and their viral ability to infect networks, devices, and software must be the concern of all Americans,” President Barack Obama said yesterday. “This month, we highlight the responsibility of individuals, businesses, and governments to work together to improve their own cybersecurity and that of our Nation. We all must practice safe computing to avoid attacks. A key measure of our success will be the degree to which all Americans educate themselves about the risks they face and the actions they can take to protect themselves and our Nation’s digital infrastructure.”
But on social networks, there is still a sucker being born every minute. The more new users that sites such as Facebook get, the more opportunity there is for malware to be spread and compromises to be made. In light of President Obama’s grand proclamation yesterday, the Federal Bureau of Investigation released its own statement, sounding as jaded as could be.
The FBI’s sardonic warning yesterday was entitled, “No, Your Social Networking ‘Friend’ Isn’t Really in Trouble Overseas.”
The statement referred to the common spam/phishing scam where a social network’s account is hijacked and all its linked friends are hit with messages claiming that the owner is in some sort of legal or medical danger and needs money.
Though the Internet Crime Complaint Center (IC3) has received reports of nearly 3,200 hijacks since 2006, the FBI yesterday said that there has been a recent increase in reports.
And this surge isn’t attributed to any new threat. Quite the contrary, it’s the same old “please install this plug-in/application/codec” style Trojans that have been used for more than ten years, but they’re just hiding under the friendly face of a social networking buddy. Since a link on Facebook appears to be endorsed by a trusted friend, people are much more likely to click on them.
There’s actually very little that someone can do to prevent someone else from falling victim to a social engineering attack, so what’s the FBI’s advice now that cybersecurity awareness is a national month of observance?
“Be careful what you click on.”