SENDSIDE    l   SENDSIDE.COM
Follow Sendside
Video Tours
Where am I?

This is Sendside, next-generation communications for business, from sales automation, sales channel marketing, and strategic marketing to secure and compliant communications for banks, hedge funds and treasury management. More >>

 

Sendside on Twitter

Twitter Updates

    Follow Sendside on Twitter

     

    HireVue Success Story

    « Gmail's 5 second Undo Send. (yawn) | Main | Sendside: 2009 IQ Awards Finalist »
    Thursday
    Feb052009

    Phishing Scams & Social Marketing

    Phishing scams are becomming an increasing threat inside open social networks like Facebook, Twitter, and LinkedIn. This poses unique challenges for businesses using these networks for social marketing.

    Unfortuanately for email users, phishing attacks are becoming more numerous, and more sophisticated in their execution. Spear Phishing may become more of a threat to consumers as more information about specific individuals is available online through social networks like Facebook, Twitter, and LinkedIn, phishers may in principle be able to determine which banks potential victims use, and target bogus e-mails specifically at them.

    (Targeted versions of phishing have been termed spear phishing. Several recent phishing attacks have been directed specifically at senior executives and other high profile targets within businesses, and the term whaling has been coined for these kinds of attacks.)

    Social networking sites are now a prime target of phishing, since the personal details in such sites can be used in identity theft; in late 2006 a computer worm took over pages on MySpace and altered links to direct surfers to websites designed to steal login details. Experiments show a success rate of over 70% for phishing attacks on social networks. Social marketing into these social networks is increasingly hampered by the needs for social sites to try to protect their users, and those users becomming aware of phishing scams and identity theves 'inside' the network.

    The RapidShare file sharing site has been targeted by phishing to obtain a premium account, which removes speed caps on downloads, auto-removal of uploads, waits on downloads, and cooldown times between downloads.

    Attackers who broke into TD Ameritrade's database (containing all 6.3 million customers' social security numbers, account numbers and email addresses as well as their names, addresses, dates of birth, phone numbers and trading activity) also wanted the account usernames and passwords, so they launched a follow-up spear phishing attack.

    According to Wikipedia; Almost half of phishing thefts in 2006 were committed by groups operating through the Russian Business Network based in St. Petersburg.

    | Posted by AuthorJeff Barson, Experience Czar in | tagged , , ,