Yesterday we completed our first day of Making Money w/ Security – an online security sales course I provide through webex.  As security trends evolve, one area has become particularly interesting to me – that of social media and how it can be used as a vehicle for social engineering.  After class one attendee passed on an article from the WSJ, Spam Finds a New Target…here are some important points from the Wall Street Journal’s write up…

• Facebook blocks over 200 million malicious actions every day!
• In August 2011, over 92% of email messages were spam messages, in Nov, over 70%.  These numbers fluctuate month to month, but they are always high.
• Twitter and Facebook are the new targets – people are on to the email problems, but social media is wide open as people accept friend requests from unknowns.  In fact, in another recent article, WSJ reported on a study showing the number of men who gave out sensitive information, including passwords, to a white hat hacker posing as a 25 year old woman using social media!  Incredible, but believable.

As I speak to executives around the world at Lunch & Learns and other customer facing events, I am hearing the need to leverage social media as a means of marketing and branding.  I agree, this is a tool that can accelerate any company’s business when used correctly.  But this also opens the door for users, who are completely unaware of the security risks, to invite predictors to install code on their machines.  The same machines that will later access the company’s most sensitive data.  If you are not attending Making Money w/ Security this week, stay tuned – we’ll be scheduling more later this year.

© 2012, David Stelzl