Safety in social networking: don't keep the keys under the Mat

Many people who do not know is not caught or just not interested — warm lamp web 1.0 era, go online solely for entertainment and communication. Popular scientific and informative videos collected tens of thousands of times less views than a video with a dancing raccoon.

Not to get into unfounded speculation about what, why, and how we need to worry about the intellectual character of mankind, suffice it to say that the world wide web has evolved explosively: in 1995, the number of Internet users in the world was 16 million (0.4% of the world's population), and in 2013 reached more than 2.4 billion (34.5% of world population). Not surprisingly, the majority of Internet users EN masse illiterate in terms of information security.





Offensive a turning point in the history of the web contributed to the wide spread of social networks, Faceboook has opened registration for all in 2006; in 2007, it was the era of growth in the number of virtual connections to Russia — in the same way has opened registration network "Vkontakte".

In the network and poured a huge amount of people who don't know anything about technology, nor about what the web and often, even that is a modem/router/fiber/need to substitute. Yeah to be honest, to this day, sadly a small number of regular users don't call the Internet "Yandex" or "Google" and know how to type a website address in the address bar without the prompt of browser.

Most of those representatives of progressive mankind that used the web before 2000 years, had at least a conditional and a primitive, but the idea of how it all works — at least, because without the minimal knowledge and the network was impossible.

It was necessary at least to set their own network card, configure capricious Internet connection Yes you dig into the settings to display pages in the browser — because the Internet traffic was worth incomparably expensive compared to the bright future that has already arrived.

In the age of broadband, cheap access to the Internet is a default function. Without Internet connection any gadget seems to be defective. This level of access is the most part ordinary people by constantly generating content of the entire planet (even without taking into account the ratio of its usefulness) is generally a good thing, but there is one problem.

If the technological geeks of the 90s learned to interact with new technologies on their own because they had no choice, but friendly interfaces that solve for user almost everything, no one thought, something millions of people registered in social networks to communicate with Lena from 9 "A" or went to Israel the other, did not think about their actions in the network.

Global problem and danger that spawned social network is not uncontrollably distributed content is often questionable content. The main issue is security of personal data. Any social network starts with a registration. And registration is filling out the forms which are law-abiding people, not burdened with a healthy amount of paranoia, used to fill almost completely.

Given that social networks are related to finding old friends, colleagues or like-minded people (the same Vkontakte, Odnoklassniki, Facebook, Linkedin), it is customary to specify the real name and surname, your virtual entity becomes easily identifiable with the first timid steps in the bottomless depths of the web.





Privacy settings in Facebook by default. By default, the profile and activity it can be seen all over the Internet.

 

Allow me to recall a story, it is highly acclaimed four years ago.

In one city lived a boy Vanya. His dad earned well, grow a beard, loved my son, and computers. Boy Vanya was in College and a little moonlighting. Was honest and open. Like his page Vkontakte.

And once the page easily found uncle nick and his wife aunt Luda, who were in a difficult situation and desperately needed the money. On his page honest Vanya entered your phone number, home and work address. It only helped uncle kole and aunt Luda at the right time to drive to the place Vanina work to take the van to his home, call his dad and ask for his son three million euros.

At the end of this story, however, is not tragic. Ivan Kaspersky, the youngest son of a well-known expert on Internet security by Kaspersky, the security services alive and healthy found in five days. Thanks to the stupidity and greed of Nikolai and Ludmila Saveliev.

The essence should be clear. In "Vkontakte" — 300 million registered users. More than one billion users in Facebook. And each of them could theoretically stick your nose in your personal life.

Somehow I received a private message from a stranger who wanted to find the phone of my friend. He addressed me by name, which is easy, given that in the pages of "Vkontakte" usually indicated real names. A familiar is also called by name and mentioned it was our hometown, which is also quite easy to learn, because the information about his hometown, few hides. I didn't say anything.

And you can be sure all people in your friends list? You are sure that none of them would believe a sob story about your attacker together with him in the past and not give him your home address to sing you a Serenade?

All of you probably came on mobiles SMS kind of "Tanya! I had an accident, write from someone else's phone, save-help, out of money". Now the villain, a crook can not act blindly. He holds almost all the cards. He knows your name, the names of your friends, it costs nothing to know your place of residence, place of work, names and ages of your children and parents. Can you imagine what his scope for blackmail and use social engineering techniques?

Social network literally created for social engineering. And you literally give fraudsters the keys to the apartment where the money is.





You can say that you will not touch it ever. That you are the son of Eugene Kaspersky and not a great-nephew of Abram. Yes, it is. But on the street, purses, even stealing from pensioners. Your page can come across a man with a dark past, a drug addict who owed loan are you a loser or a vengeful ex-lover.

You have the sole right and discretion to disclose your personal information. Nothing prevents you to store the keys of your apartment under the doormat. No one and nothing except common sense and General awareness. If the first impact is almost impossible, the second is the power of each. Climb up finally in the privacy settings of their pages.

To the maximum shut your profile from those people who can find you by accident. Do not add to friends everyone. Remove an account in those social networks, you almost do not use.

Call not to speak with strangers on the Internet contradicts the very essence of the Internet, but be careful, if in conversation with you the sides:

1. Persistently mention your friends.

2. Tell a believable story with lots of details or, on the contrary, dryly stating the facts and require certain information.

3. Interested in passwords-appearances-place work-study-vacation.

 

Otshuchivayas. Do not reply to such questions. Say that real problems are solved in real life, not online.

Being careful when you get messages from people you know. There are many ways to access your account in the social network and write contacts already stolen from profile. And it is almost unlimited power even if for a limited time.

Such an attacker can easily obtain the usernames and passwords of all friends of the owner of the stolen account. Phishing sites make it easy. That such a correspondence is possible and you have personal messages:





 

Although it would be much sensible to do so:





For a similar trick once in an experiment conducted by my friend, pecked a striking number of participants: 9 out of 10 were ready to enter your account details to a completely unknown website.

Capabilities and techniques to cheat the innocent user, there are many, and they all come from the diplomatic methods of antiquity. In the course of embarking lies, flattery, appeal to knowledge/conscience/emotions and anything else. American cryptographer Bruce Schneier once repeated after his colleagues:

 

If you give the user the choice between dancing pigs and security, he will choose dancing pigs.

 

Of course, the problem is not so much the users, but in the absence of a certain uniform set of rules of behavior in the network. The children explain why it is impossible to cross the road on red traffic light — has long had the sense from an early age to learn to make and safely store their passwords and not leave them anywhere and to critically evaluate the requests of strangers to share personal information.

 

See also: Three deaths: the age At which a human life hangs in the balance?

How to be aware on social networks

 

And right now there is a wonderful opportunity to educate the younger generation a respect for their own private data almost from the cradle. It is the business of teachers, teachers, parents (who themselves would be nice to pull up your knowledge in the relatively new field). Knowledge about the rules of safe behavior on the Internet has long gone beyond the additional information that you can either take into account or forgotten. Such knowledge of the ABCs of information literacy.published

 

Author: Lucy Shirshov

 

 

P. S. And remember, only by changing their consumption — together we change the world! ©

Source: newtonew.com/discussions/social-engineering-in-social-networks

Tags

See also

New and interesting