Seven Deadliest Social Network Attacks »

Carl Timm is the Regional Director of Security for Savvis, Inc. As Regional Director of Security, Mr. Timm is responsible for keeping up-to-date on security threats businesses experience and finding solutions that mitigate the threats. Mr. Timm has worked in the Information Security area for over 16 years providing security and IT governance consulting services for fortune 500 companies. Mr. Timm is also an industry recognized author, having authored multiple books on the topics of security and networking. Mr. Timm holds multiple industry certifications including the CCIE and PMP.

Do you need to keep up with the latest hacks, attacks, and exploits effecting social networks? Then you need Seven Deadliest Social Network Attacks. This book pinpoints the most dangerous hacks and exploits specific to social networks like Facebook, Twitter, and MySpace, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable.

Attacks detailed in this book include:

1. Social Networking Infrastructure Attacks


2. Malware Attacks


3. Phishing Attacks


4. Evil Twin Attacks


5. Identity Theft


6. Cyber Bullying


7. Physical Threats

• Knowledge is power, find out about the most dominant attacks currently waging war on computers and networks globally


• Discover the best ways to defend against these vicious attacks; step-by-step instruction shows you how


• Institute countermeasures, don’t be caught defenseless again, learn techniques to make your computer and network impenetrable

About the Authors ix

Acknowledgments xi

Introduction xiii

Chapter 1 Social Networking Infrastructure Attacks 1

Bringing the Social Networks to Their Knees 1

What Happened to the Social Networks? 2

Distributed Denial-of-Service Attacks 3

Owning the Social Network 8

How Could This Happen? 8

Saving the Social Networks and Ourselves 16

The Floodgates Have Opened, What Do I Do? 16

Beating the Bot 19

Cutting the Strings 21

Summary 21

Chapter 2 Malware Attacks 23

Malware Defined 24

Understanding the Types of Malware 24

Cross-Site Scripting Explored 27

Dissecting Cross-Site Scripting 29

Introducing Cross-Site Request Forgery 33

Cross-Site Request Forgery Explored 35

Protecting Yourself 36

Mitigating Malware 36

Mitigating Cross-Site Scripting Attacks 38

Mitigating Cross-Site Request Forgery Attacks 39

Summary 40

Endnotes 41

Chapter 3 Phishing Attacks 43

Phishing Attack Scenarios against Social Networks 44

What Happened? 47

How Did It Occur? 48

What Were the Repercussions? 48

Phishing Attack against MySpace 51

Phishing Attack against Twitter 51

How to Mitigate a Phishing Attack 55

Take No Immediate Action 56

Examine the Message 57

Validate the Source 57

Take the Offensive 58

Safeguard Your Computers 59

Ask for Help 59

Future Outlook of Phishing Attacks 60

Summary 61

Endnotes 61

Chapter 4 Evil Twin Attacks 63

Evil Twin Attacks Defined 64

Creating the Evil Twin 66

Protecting Ourselves and the Ones We Love 73

Don't Befriend the Evil Twin 73

Don't Become an Evil Twin 74

Summary 81

Endnotes 82

Chapter 5 Identity Theft 83

The Art of Dumpster Diving 83

Profile of an Identity Thief 84

How Did Nelson Do It? 84

Consequences of Stealing Identities 84

Identity Theft via Facebook 85

Identity Theft through Social Networking 85

Clues to How Bryan's Facebook Account Was Hijacked 87

Repercussions of Having Your Facebook ID Stolen from You 88

Methods to Prevent Identity Theft 89

Avoid Password Reusage 90

Have Secondary E-Mail Address Handy 92

Shred Your Documents 92

Limit Your Liability 92

What to Do if Your Identity Is Compromised 93

Freeze All of Your Assets 94

Initiate a Fraud Alert on Your Credit Reports 94

Notify the Local Police 94

Notify the Federal Trade Commission 95

Document and Retain Records! 95

Continuously Monitor Your Credit Report 95

The Future of Identity Theft 96

Summary 97

Endnotes 98

Chapter 6 Cyberbullying 99

Cyberbullying Tragedy of Megan Meier via MySpace 100

Why Was Megan the Target of Cyberbullying? 101

What Was the Outcome of This Tragic Event? 102

How to Deal with Cyberbullying 102

Steps toward Fighting Cyberbullying 103

Cyberbully Tools of the Trade 106

How to Deal with Cyberbullying in the Gaming and Virtual Worlds 107

What to Do about Griefers 108

Workplace Bullying 109

What Can Be Done about Workplace Bullying? 110

What Is the Future of Cyberbullying? 110

Summary 112

Endnotes 112

Chapter 7 Physical Threats 113

Physical Threats against Your Company 114

Bypassing Physical Security Controls 114

Protecting Your Company 116

Physical Threats against Your Person 118

Jasper Howard: Murder and Online Threats 119

Protecting Yourself 120

Take Action 121

Notify the Attacker 121

Notify the Appropriate Authorities 122

Be Open to Suggestions 123

Preventative Measures to Physical Threats 123

Background Checks 124

Future Outlook to Physical Threats on Social Networks 126

Summary 127

Endnotes 129

Index 131