The massive web boom happened many years ago. In the years following it, we have seen a new era arise. The era of social networking sites. Currently there are over 250,000 social networking sites and over 600 million active members on them. It appears everybody is running with the crowd by taking part in the new era. This of course is perfectly normal and is exactly what is supposed to happen. Unfortunately, when the social networking era emerged, so did another. The evil sibling of the social networking sites. The venerability of stealing users information. Social networking sites are a pool of information waiting to be leaked and exploited.

We put who we are on our social networking page. That is the point of a social networking site. To tell others about our day and what we are doing, right? We can show what we did with the convenient implementation of picture and message postings. These methods of sharing information have been simplified to improve our social networking experience. Sometimes it is overly convenient and that people go a bit overboard with their information. Sometimes the information they post is a bit too personal for public viewing. Fortunately some users privatize their personal information and now relying on the site to safeguard it. Of course, hackers have already figured out that the hole needed to break into a social networking site is closing on them. So they go to the next target, the user.

Hackers and spammers exploit social networking users and their identity for their own personal gain. Your social appearance is valuable to spammers. The average Facebook user has 131 loving friends. Those friends may know the user personally. This boosts the users trust among his friends to a sky high level. This is just what a spammer wants. Now all a spammer needs to do is to harvest the user’s social reputation and make the users friends follow or fall into the spammers trap. How may you ask? With the help of socially engineered scam that is. The famous of them all is the “I Dislike Button”. This scam was a Facebook scam epidemic. An unsuspecting user would visit their friends wall expecting nothing out of the ordinary. When all of a sudden his friend found the most amazing Facebook feature ever: “I just got the Dislike button, so now I can dislike all of your dumb posts lol!!” The user would also like to dislike his friend’s posts (lol of course) and would click on the link that would follow along with his friends post. This would send the user to install the “I Dislike Button” app. Perfect, just what he wants. The user clicks allow and nothing happens. The user ends up with rogue application that requires you to complete an online survey (which makes money for the scammers) before ultimately pointing him to a Firefox browser add-on for a Facebook dislike button developed by FaceMod. This isn’t the only surprise. The so called “I Dislike Button” still has control over his Facebook account and his identity. This is the second whammy. The rogue application now posts the message that led the user into the trap, but only under his name and identity.

Being able to identify the common scam patterns can help keep user’s information and identity safe. The new wave of social networking (more specifically targeting Facebook) rogue applications have very similar characteristics. Being informed on even the most basic can help prevent a spammer from striking gold on your account. These types of attacks spread like wild fire and can only be prevented with user collaboration.