On Monday, it was reported that LinkedIn had sccumbed to an attack as fake celebrity profiles were posted to lure unsuspecting users into handing over their personal details. The business networking site, which has over 30 million registered profiles worldwide, also came under attack in June 2008 with a similar ploy.
We’ve seen in 2009 with an unprecedented amount of news, flowing from cyberspace and nestling out of newspapers, talking about phishing, malware and all other sorts of malign Internet behaviour. First Twitter, and now LinkedIn, have been subject to attacks from hackers and cybercriminals just days into the new year, and we may well be on an upward trajectory as more and more people start using the services.
2008 came to a close amidst a blur of Facebook Phishing and Internet Explorer security flaws, nothing new there then. Two big stories broke within hours of each other at in the middle of December as Microsoft revealed major security issues in their Internet Explorer 7 web browser patching, and it was announced that Facebook profiles are being sold for the same price as an MP3 by phishing gangs.
This is of course, no surprise as both Facebook and IE7 have huge numbers of users and are perfect targets for scammers to try and catch people unawares. However, it seems that micro-blogging service Twitter and business social network LinkedIn are now too considered primary targets. Twitter has grown 343% in the last 12 months and has around two and a half million users, some of whom were affected by recent Direct Message (DM) phishing attacks. Twitter was also hacked with several celebrity names, including Ms. Britney Spears, finding their accounts compromised.
What this, and the LinkedIn case demonstrates, is how becoming mainstream can increase the susceptibility of a website or social network, and what’s more, we don’t seem to be learning. We’ve seen phishing scams before of course on Myspace and the same techniques were used, but unfortunately we’re still getting duped into handing over our e-mail addresses and passwords. It can be argued, and it is a valid point, that websites should be doing their utmost to prevent spamming, phishing and hacking, but if you’re in any doubt about a link, don’t click it, and try to have different passwords for each of your accounts. Most of the major web security companies have online virus scanners so that if you think you might have gotten hold of something your PC doesn’t like, you can scan your system hassle free.
There’s no need to let the worry of hackers or phishing threats spoil your web experience, but these recent problems just beg the question of who will be next?