Scammers get better tools for tapping social networks

Computerworld - New tools capable of quickly finding, gathering and correlating information about individuals from social networking sites and other public sources are giving online scammers a powerful new weapon, say security researchers.

The tools allow potential attackers to build detailed profiles of individuals by finding and piecing together bits and pieces of information about them scattered on social sites and other public forums. The information can then be used in highly targeted, "spear-phishing" scams and other attacks against individuals and enterprises, they said.

Two companies providing such tools are Core Security Technologies Inc., with its Exomind application, and Paterva, with its Maltego product. Exomind is designed to find, combine and correlate information on individuals and groups of individuals from across multiple social networking sites. It can be used to build a concise portrait of an individual and to identify key relationships with others on social networks and in the real world, said Ariel Waissbein, head of CoreLabs, the R&D unit of Core Security.

Paterva describes Maltego as an open source intelligence and forensics application that can import and correlate data from almost any publicly available online source, including social networks, search engines and PGP key databases. A community edition of the tool also can be downloaded.

The application can be used to determine relationships and real-world connections between people, groups of people such as those in a social network, companies and Web sites. It can also be used to find links between domains, DNS names, IP addresses and even documents and files on the Internet.

For instance, the tools can be used to develop a list of Gmail users at the National Security Agency, find which NASA employees are using MySpace, or to attach e-mail addresses to phone numbers. A graphical user interface presents the information visually.

Paterva claims more than 5,000 users in the security, forensics and law enforcement industries. Maltego has typically been used in tasks such as mapping corporate and social networks and performing information footprints on corporations.

Exomind can also be used to profile the vocabulary that individuals use in their interactions with others on social networking sites, Waissbein said. The information can be used to impersonate a co-worker, business partner or customer -- right down to the particular vocabulary of that person.

"Exomind is a framework that allows us to do open-source intelligence over social networks," Waissbein said. It is a tool that can be used to understand, and then take advantage of, the trusted relationships that exist within a social networking site, he said. "It does not help anyone to compromise a system, but (it) provides you with tools to leverage trust relationships."