When people sign up on Facebook, for example, they tend not to think twice about putting in their birth date. But combine that with all sorts of other personal data in your profile — contact info including phone numbers and e-mail addresses, job details and sometimes even an address — and someone with less-than-good intentions could possibly wreak havoc in your name.
Agence Presse-France reported on the Campus Party gathering of "Internet enthusiasts" in Valencia, Spain. Asier Martinez, a security specialist at global IT solutions provider Panda Security, told the crowd gathered that they weren't just the personal data they put on the sites that put them at risk. It sometimes was just a matter of being a member of the sites and trusting links sent to you by friends.
Take the Koobface virus, which hit Facebook and Twitter users last year. "Its spread has been very significant and it has been detected in 4,000 different variants," Martinez told AFP. It hijacks the accounts of affected users and uses them to send messages to all their friends. Friends who clicked on the links sent by Koobface were directed to malware sites and were themselves infected, continuing the cycle. The malware could then rummage through infected users' computers, stealing personal data.
Because the messages were sent by long-time, personal friends in many cases, the users who clicked on the links had less reason to be cautious than if they'd clicked on a random shortened link sent by a stranger.
Then there are the free quizzes, horoscopes & games, as well as birthday and holiday greetings that look like they come from friends but hide links to malware sites. Even so, Facebook says less than 1 percent of its users have been affected since it started in 2004.
Laura Garcia, an Internet Security
"Now you don't really need to know much about information technology to be a hacker, all the tools have already been created," she told AFP. The groups are most active in Russia, China, Brazil and Ukraine.