Dangers of Social Media Networking Part 3

Linked Out. When one door closes another opens. This tried and true adage has never rung more true than with social networking. Attackers frustrated by their inability to enter corporate networks because of sophisticated controls, now have a whole new point of entry with LinkedIn, which allows them to access personal professional information and spoof employee profiles.

Plus, it's no secret that attackers follow the money. This networking site aimed at professionals also opens up a whole new attack vector for organized crime intending to pilfer intellectual property and corporate information, as well as the typical credit cards and social security numbers used in identity theft.

All About The Money. Reflecting current cyber crime trends, experts say that attacks on social networking sites will increasingly become more financially driven.And will wreak havoc on users' bank accounts as these attacks become more complex and organized. This also means that sites like Facebook -- which touts a more professional, white-collar user base, as well as professional networking sites like LinkedIn, will increasingly become targets for organized crime.

Having all of your information on a site that isn't controlled by users and whose security practices aren't paramount, isn't always the best deal. While experts say that they can't predict the future, it's likely that social networking sites like MySpace and Facebook will start taking more responsibility regarding their security practices -- especially if users significantly change their behavior or avoid logging on altogether.
Special thanks to : Channel Web, http://www.crn.com

Author Chris Kaminski is head web designer at Lone Bird Studio, an Asheville web design and SEO company located in North Carolina.

Dangers of Social Media Networking Part 2

Last week I started this series to introduce you to the dangers of social networking. I was not ready for the response. Yes I know we all use them and yes I know they are necessary for business, just be aware of the dangers. Use these services but think before you type and use them safely. So, now let’s continue.

It's A Worm. It's social networking at its finest.

Experts say social networking users can expect more threats to travel virally. Experts say that other rapid, self-replicating viruses will likely be more malicious, designed to steal or delete users' personal information like date of birth and passwords. That data can then be sold in numerous black market economies or used to acquire credit card and bank information. Often the same login credentials used on Facebook and MySpace are also used to access banking and other sensitive accounts.

'Poking' Holes in XXS Flaws.

In a recent attack, millions of Facebook users were left exposed to a cross site scripting vulnerability affecting the user interface of the site's Job page. Among other things, the vulnerability gave the attackers the ability to install malicious software as well as trick users into handing over their credentials through fake logins. The takeaway is that the same threats plaguing Web 2.0 are amplified on social networking sites. Why? Because these sites rely on the prolific and rapid spread of information between users.

Flash Attacks. It's the beauty of Web 2.0.

There are more attacks on Flash now than ever before. Applications such as Adobe Air and Microsoft Silverlight, which allow the browser to be used in a more effective way, also increase the attack surface.

Naturally, the prolific use of Flash is one of the evolutions that make Facebook and MySpace so lucrative to attackers. As anyone with a profile knows, these technologies are extremely pervasive, as well as fun, when doing social networking. Unfortunately, a recent exploit in Adobe Flash has become a huge security threat.

Experts say that so far hundreds of thousands of Websites have been compromised, including thousands of networking site pages, as the result of the Flash exploit loose in the wild.Next week, part three. Special thanks to Channel Web, http://www.crn.com.

Author Chris Kaminski is head web designer at Lone Bird Studio, an Asheville web design and SEO company located in North Carolina.

Email Etiquette for Business

Tired of endless forwards where nobody changes the subject line, tired of those stupid return receipts (which in the business world is a strict no no). As we become more familiar with it we tend to get careless.

Why every business needs an email etiquette policy:

Professionalism: by using proper email language your company will convey a professional image. Efficiency: emails that get to the point are much more effective than poorly worded emails. Protection from liability: employee awareness of email risks will protect your company from costly law suits. The most important email etiquette tips:

1. Be concise and to the point. Do not make an e-mail longer than it needs to be
2. Answer all questions, and pre-empt further questions.
3. Use proper spelling, grammar & punctuation. E-mails with no full stops or commas are difficult to read and can sometimes even change the meaning of the text.
4. Make it personal.
5. Answer swiftly..
6. Use proper structure & layout.
7. Do not overuse the high priority option.
8. Do not write in CAPITALS.
9. Don't leave out the message thread.
10. Add disclaimers to your emails. It is important to add disclaimers to your internal and external mails, since this can help protect your company from liability.
11. Read the email before you send it. A no brainer.
12. Do not email or respond if you are angry. Another no brainer.
13. Do not forward chain letters.
14. Do not request delivery and read receipts. This will always annoy your recipient before he or she has even read your message. Besides, it usually does not work since the recipient could have blocked that function, or their software might not support it, so what is the use of using it?
15. Do not ask to recall a message.
16. Do not copy a message or attachment without permission.
17. Do not use email to discuss confidential information.

There are many more but these are the important ones. Every business should have an e-mail policy and enforce it. It can be a big liability issue if you don’t.