Tuesday, May 22, 2012

Protecting Yourself From Social networking Scams

Protecting yourself against social engineering scams

Scam sites
                                       That’s my story so far, so now let’s concentrate on the essence of it. Even if this was all a misunderstanding the risk is real. Social networking is always a great tool for social engineers. Knowledge is power and this is especially true when it comes to social engineering. The more the social engineer knows about his victim, the more likely he is to be successful in his schemes. I am generally against monitoring and restricting but stories like this make me stop and think whether it is the right thing to do after all.
Cash cards
                                                      What if this sort of thing were to happen to my children? What if s/he falls in love with a person of malicious intent? We all know how dangerous strong emotions can be, trying to save her/him once s/he is deeply in love will be impossible and the more you try to do to convince her/him of the mistakes s/he might be doing, the more likely it is  to drive him/her away. What’s worse is that even if you manage to expose the scam the emotional impact will certainly be devastating at this stage. On the other hand the only other option would be to switch to a 1984 state of affairs and rigorously monitor any and all communications. Both are obviously wrong.
                                              And this is not just for your household; the same applies to the workplace. Over monitoring your network will have detrimental effects on the employees’ morale, and might even be illegal in some cases. However even if it were legal, would you want to monitor your employees’ communication on social sites? What about private emails? The obvious, safer solution is to disallow these sites however this will have a detrimental effect on morale too.I guess in both personal and professional scenarios your best bet would be education. Although it will not be 100% effective, some people claim that it’s not effective at all, it will hopefully make people question such events if they are aware of the risks. On the other hand, in cases such as a dating scam, the request for money will happen when it’s too late, as the person will already be too hooked to second guess anything so education is unlikely to work here.

Who’s really lurking behind that profile page?

                                              The dating scam is just one of the scams that are happening via social networking. I have heard on a first hand basis of people being scammed for many things. Malicious people making friends with victims and after a while say that they have to drop out of school because they can’t afford it. In some cases the victims themselves offer to help out financially and are thus scammed of their hard earned cash without  even having to be asked to hand over money. At the end of the day social networking is a haven for con artists. Con artists can befriend their victims very safely. You become friends to a profile in essence and there is no guarantee that the profile has any truth to it whatsoever. If a con artist is patient he can build a good trust relationship and then spring any number of traps – from fake lucrative investment schemes to a great opportunity that cannot be passed by.

                                    Finally I caution you to not make the classic mistake of thinking that this could never happen to you or your loved ones. I urge you to always be on guard. Furthermore it might be a good idea to warn friends and family about the dangers of social networking. When I explained the dating scam/human trafficking risk to my friend her answer was, ‘I didn’t know that this happens on the internet’ which is a common and ultimately understandable stance. People who aren’t in IT wouldn’t automatically think of these issues unless they experience them firsthand and by then it will be too late.What do you think? I would love this to turn into a debate on the different views regarding social networking. Which method would you choose to protect yourself and others, both at home and professionally? Do you think that the blocking option is the right way to go? Monitoring perhaps? Or do you believe that education is effective enough to be the only safety mechanism in place?