• FREE RESOURCES
        • Accounts Payable
          Finally! The trick to securing greater T&E compliance
          Benefits
          Rooting out folks who don’t belong on your health plan: A 6-point dependent audit checklist
          IT
          3 costly misconceptions about biz email compromise
          Credit and Collections
          Collecting via email: 4 must-make moves in your subject line
          Accounts Payable
          5 Tough-to-spot signs that an invoice is fake
  • PREMIUM CONTENT
        • Staff management
          120 Proven Communications Tips for Today’s CFO
        • Payroll
          Handling Nonexempt Employee Pay: Stay Compliant and Avoid DOL Audits
          Accounts Payable
          T&E Best Practices: Complete Guide to Ensure Compliance
          Payroll
          Payroll Best Practices: 4 Ways to Save Time and Money
        • Staff management
          Email Best Practices: A 6-Question Quiz
          Staff management
          Innovative Communications Strategies: An Email Case Study
          Staff management
          A 5-part Framework for Successful Workplace Communications
        • SEE MORE
          PREMIUM RESOURCES
  • CORONAVIRUS RESOURCES
  • LOGIN
  • SIGN UP FREE

CFO Daily News

  • FREE RESOURCES
        • Accounts Payable
          Finally! The trick to securing greater T&E compliance
          Benefits
          Rooting out folks who don’t belong on your health plan: A 6-point dependent audit checklist
          IT
          3 costly misconceptions about biz email compromise
          Credit and Collections
          Collecting via email: 4 must-make moves in your subject line
          Accounts Payable
          5 Tough-to-spot signs that an invoice is fake
  • PREMIUM CONTENT
        • Staff management
          120 Proven Communications Tips for Today’s CFO
        • Payroll
          Handling Nonexempt Employee Pay: Stay Compliant and Avoid DOL Audits
          Accounts Payable
          T&E Best Practices: Complete Guide to Ensure Compliance
          Payroll
          Payroll Best Practices: 4 Ways to Save Time and Money
        • Staff management
          Email Best Practices: A 6-Question Quiz
          Staff management
          Innovative Communications Strategies: An Email Case Study
          Staff management
          A 5-part Framework for Successful Workplace Communications
        • SEE MORE
          PREMIUM RESOURCES
  • CORONAVIRUS RESOURCES
  • Accounts Payable
  • Credit and Collections
  • Payroll
  • Accounting
  • Benefits
  • Finance Technology
  • More
    • Employment Law
    • Strategy
    • Policy and Culture
    • Fraud
    • Payments and Transactions
    • Budgeting and Forecasting
    • Banking
    • Staff Management
    • Cost Control
    • Supply Chain
    • IT

Best of FinanceTech: Dumb Facebook users: Hackers' new best friends

Jennifer Azara
by Jennifer Azara
June 25, 2009
2 minute read
  • SHARE ON

Hackers are increasingly taking aim at Web 2.0 social networking sites, but it’s still probably dumb users who are most dangerous to a company’s network.

A new report issued last week by the security pros at Secure Enterprise 2.0 found that cybercriminals and online mischief makers are stepping up their attacks on social networking sites, which they see as fertile ground for hijacking users and re-directing them to bogus sites.

As the use of social networking skyrockets, it’s no wonder that malicious techs have directed their attention at these sites.

More users equals more potential victims, so popularity is sure to make these sites the targets of nefarious folks.

But more interesting in the report is the fact that by far the most frequent outcome is the leakage of sensitive information — likely information that should never have been posted to the site in the first place.

And for that, you can blame dumb users.

When we say dumb, we’re not accusing users of being mentally incompetent. We’re using dumb in the ignorant sense — dumb in the sense that they don’t understand the technology they are using and how what they are posting or their identity can be easily stolen.

Some facts from the report following trends in the targeting of Web 2.0 sites during Q1 of 2009:

  • Web 2.0 services and sites lead the list with highest number of all recorded incidents (21%).
  • Most popular attack vectors exploiting Web 2.0 features are SQL injection (21% of attacks) and authentication abuse (18%). A new emerging threat is Cross Site Request Forgery (CSRF) that currently ranks as the 6th most popular attack vector with 8% of the reported attacks.
  • Leakage of sensitive information remains the most common outcome of Web hacks (29%), while disinformation follows with 26%, mostly due to hacking of online identities of celebrities.

If users in your organization are spending time on social networking sites, now might be a good time to educate them on the dangers they’ll find there.

Posting any information about your company or organization can lead to big trouble if a user’s online identity is stolen. Be sure to warn them that whether they’re using social networking sites for pleasure or business, there’s a risk to their activity that can impact them personally and professionally.

Jennifer Azara
Jennifer Azara
Jennifer, a member of the CFO Daily News staff, has covered business and finance for more than 22 years. She has written for CFOs, credit and collections professionals and accounts payable practitioners and has spoken at industry conferences on sales and use tax compliance.

Keep Up To Date with the Latest Finance News

With CFO Daily News arriving in your inbox, you will never miss critical stories on accounting, benefits, payroll & employment law strategies.

Sign up for a free CFO Daily News membership and get our newsletter!
  • This field is for validation purposes and should be left unchanged.
CFO Daily News Logo
  • ABOUT CFO DAILY NEWS
  • ADVERTISE WITH US
  • WRITE FOR US
  • CONTACT
  • Accounting
  • Benefits
  • Payroll
  • Policy and Culture
  • Employment Law
  • Fraud
  • Finance Technology
  • Accounts Payable
  • Credit and Collections
  • Strategy
  • Payments and Transactions
  • Budgeting and Forecasting
  • Banking
  • Staff Management
  • Cost Control
  • Supply Chain
  • IT

CFO Daily News, part of the SuccessFuel Network, provides the latest Finance and employment law news for Finance professionals in the trenches of small-to-medium-sized businesses. Rather than simply regurgitating the day’s headlines, CFO Daily News delivers actionable insights, helping Finance execs understand what Finance trends mean to their business.

Privacy Policy Terms of Service
Copyright © 2021 SuccessFuel

WELCOME BACK!

Enter your username and password below to log in

Forget Your Username or Password?

Reset Password

Lost your password? Please enter your username or email address. You will receive a link to create a new password via email.

Log In

preloader