Released: March 04, 2010

How cybercriminals invade social networks

Source: Byron Acohido, USA Today

“Hey Alice, look at the pics I took of us last weekend at the picnic. Bob”. That Facebook message, sent last fall between co-workers at a large U.S. financial firm, rang true enough. Alice had, in fact, attended a picnic with Bob, who mentioned the outing on his Facebook profile page.

So Alice clicked on the accompanying Web link, expecting to see Bob’s photos. But the message had come from thieves who had hijacked Bob’s Facebook account. And the link carried an infection. With a click of her mouse, Alice let the attackers usurp control of her Facebook account and company laptop. Later, they used Alice’s company logon to slip deep inside the financial firm’s network, where they roamed for weeks. They had managed to grab control of two servers, and were probing deeper, when they were detected.

Read Full Article: How cybercriminals invade social networks