McAfee's Predicted Security Threats for 2010

McAfee recently released a report that predicts potential online security threats for 2010. To summarize, the anti-virus and computer security company, which is based out of Santa Clara, California, sees an increase in threats from social networking sites, banking security, and bot nets. In addition, they see increases in attacks targeting users, businesses, and applications. However, the findings weren't all negative. McAfee says they expect an increase in law enforcement and its effectiveness in fighting cybercrime.

As social networking sites, such as Facebook and Twitter, become increasingly popular, they'll most likely become a breeding ground for cyber attacks. On top of the increased number, the attacks will be more sophisticated. Facebook users are particularly vulnerable due to the number of third party applications used. Games and other applications are popular and most people will trust an invitation from their friends without using caution. But that invitation could easily be malware or something else designed to harm your computer. There's really no way to protect yourself other than avoiding the third party apps such as quizzes and games.

URL shorteners such as bit.ly and tinyurl.com are also expected to become a target of cybercrime. These tie-in to social networking because most people use them to post links to their profiles. The websites shorten a normal URL into a smaller one that will fit in almost any space and is especially popular on Twitter, where you only have 140 characters to gets your message across. One major problem with these smaller URLs is that they can't be previewed, so clicking on one at random could lead you to somewhere you don't want to be. This makes it a very easy target for crooks.

Due to the popularity of Microsoft products, cyber criminals have been taking advantage of them for years. However, as programs such as Adobe Reader and Flash become more popular, McAfee expects they will become a bigger target, taking over the top "honor" from Microsoft. In 2009, Adobe Reader saw an increase of problems due to security holes, leading the company to take a more proactive approach to patching up problems.

Email attachments have always been a problem when it comes to spreading malware and that threat is expected to continue and even get bigger. The company expects an increase in specific targets when it comes to email, and those include journalists, corporations, and individual users who could easily be convinced to download an attachment that is hiding a Trojan or other bit of malware.

Other projected problems include banking Trojans. Normally used to get your financial information, McAfee expects them to become so advanced that they will start interrupting transactions and even withdrawing money from your accounts. 2009 already saw an increase in banking cybercrime, with many Trojans making their way past strong bank security. Botnets are also expected to be a threat. McAfee calls them a "leading infrastructure for cybercriminals" and says they are "used for actions from spamming to identity theft." While they are harder to track down due to their ability to move from computer to computer without a central base of operation, there has been some recent success in shutting them down.

Despite all the many threats, McAfee does project an increase in law enforcement's ability to track down cybercriminals. Even so, there are steps you should take to protect yourself. Purchasing security software and keeping it updated is very important and something everyone should do. Keeping your PC up-to-date with Microsoft patches that protect your operating system, office suite, and browser is also important. You should also be sure that you are aware of all the latest threats and realize what's at risk. Exercise caution when opening files or downloading applications.

---

Looking for Computer / PC Rental information? Visit the www.rentacomputer.com PC Rental page for your short term business PC needs. Or see this link for a complete line of Personal Computer Rentals.

Who Gets Your Personal Information on Facebook?

Are you one of the 350 million Facebook users? I’m a big fan of Facebook and like many I connect daily to see what my friends are doing and to share photos. As a security professional I am very careful about what I post and what information I allow to be shared. In that respect I’m unique. It surprises me how many of my friends will refuse to allow companies to share their information but eagerly give away their personal information to application developers on Facebook.

My friend Diana sent me some Christmas cheer. How could that be a bad thing right? Well, if I accept her cheer I’m sharing my personal information and all my friends with a company called Mob Science who has no physical address or privacy policy posted on their website.

Who are these application developers you’re giving your personal information too. One of the most popular developers is San Francisco based Zynga. They’re responsible for the games Farmville, YoVille, Mafia Wars, RollerCoaster Kingdom, Scrabble and dozens more. You’ll never be offered a chance to read Zynga’s privacy policy but the information is typical. They say only your name, address and gender are collected. As in most privacy policies they protect themselves with vague statements like “we don't generally collect any “Personally Identifying Information” about our users”.

I’m not saying the folks at Zynga are evil or have bad intent but I doubt most users realize they’re providing information to this or other little known companies. Most people mistakenly believe it’s just all part of the Facebook experience.

It’s not just the games. When you take a quiz, or even donate to “Causes” you’re providing access your personal information. When you create or join a “Cause” you’re registering your personal information with Berkeley based Philotic Inc, started by Sean Parker, one of the brilliant co-founders of Napster.

If you’re a fan of Farm Town, you’ve registered with Florida based SlashKey. Popular game provider MindJolt.com is another one that doesn’t include any physical address or privacy policy on their website. The number two Facebook developer Playfish acknowledges “We collect the following personal data from you … : your date of birth, gender and your contact details including the country where you live and any phone number(s) or email address(es) that you provide.” In addition, “We may use a third party to serve advertisements on our site. Cookies may be associated with these advertisements … We do not have access to or control of cookies placed by third parties.”

In the grand scheme of things the dangers from sharing your information with these companies may still be minor compared to other risks. I wanted to focus on 3rd party Facebook Applications because most people don’t understand why their Email Spam seems to know specific personal details.


Did you know when your friend allows an application, they give away all your information too?

When you sign up for Facebook all these boxes are checked as the default setting. That means if your friend allows an application, all the information you may have set to "Friends Only" is made available. Click Here to change your settings. (Update 12/9: Facebook has made some changes do don't be surprised if this page looks a little different)

Facebook has been slow to react to customer concerns but recently announced new privacy options. It’s still up to the individual user to check out their rights and options to protect themselves. If you’re a Facebook user please click here to read how you can update your privacy settings.

Updated 12/9
Facebook has updated their privacy options. Here's the replacement for the screen allowing you to restrict information shared by your friends.

Facebook Simplifies Sharing your Personal Info