Scammers get better tools for tapping social networks
Data could enable more targeted phishing, corporate surveillance
Computerworld - New tools capable of quickly finding, gathering and correlating information about individuals from social networking sites and other public sources are giving online scammers a powerful new weapon, say security researchers.
The tools allow potential attackers to build detailed profiles of individuals by finding and piecing together bits and pieces of information about them scattered on social sites and other public forums. The information can then be used in highly targeted, "spear-phishing" scams and other attacks against individuals and enterprises, they said.
Two companies providing such tools are Core Security Technologies Inc., with its Exomind application, and Paterva, with its Maltego product. Exomind is designed to find, combine and correlate information on individuals and groups of individuals from across multiple social networking sites. It can be used to build a concise portrait of an individual and to identify key relationships with others on social networks and in the real world, said Ariel Waissbein, head of CoreLabs, the R&D unit of Core Security.
Paterva describes Maltego as an open source intelligence and forensics application that can import and correlate data from almost any publicly available online source, including social networks, search engines and PGP key databases. A community edition of the tool also can be downloaded.
The application can be used to determine relationships and real-world connections between people, groups of people such as those in a social network, companies and Web sites. It can also be used to find links between domains, DNS names, IP addresses and even documents and files on the Internet.
For instance, the tools can be used to develop a list of Gmail users at the National Security Agency, find which NASA employees are using MySpace, or to attach e-mail addresses to phone numbers. A graphical user interface presents the information visually.
Paterva claims more than 5,000 users in the security, forensics and law enforcement industries. Maltego has typically been used in tasks such as mapping corporate and social networks and performing information footprints on corporations.
Exomind can also be used to profile the vocabulary that individuals use in their interactions with others on social networking sites, Waissbein said. The information can be used to impersonate a co-worker, business partner or customer -- right down to the particular vocabulary of that person.
"Exomind is a framework that allows us to do open-source intelligence over social networks," Waissbein said. It is a tool that can be used to understand, and then take advantage of, the trusted relationships that exist within a social networking site, he said. "It does not help anyone to compromise a system, but (it) provides you with tools to leverage trust relationships."
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to... All Cybercrime and Hacking White Papers | Webcasts