Planting Your Flag at Social Networking Sites
On Thursday I shared a laugh with a source at the expense of a mutual acquaintance: a security expert who has for the most part eschewed social networking sites. We were howling because someone who obviously knew enough about this person to push his emotional buttons had registered a Twitter account in his name and was posting some amusing but slightly mocking Tweets. The impersonated person even had several "followers" from the security community.
I mention this because it raises an interesting question for people who have embraced social media, but only to a certain point: That is, does it make sense to go ahead and plant your virtual flag at various social networking sites before someone else does it for you, and potentially uses it to make fun of you -- or worse -- abuse your good name to trick your acquaintances into doing something harms you both?
Indeed, as I noted last year, while social networking sites can be a huge time sink and a breeding ground for virus and worm attacks, there may also be danger in remaining a social networking site Luddite. After all, if you don't claim a space on these networks, someone else may do it for you as a way of scamming or attacking your friends and business contacts.
That piece told the story of two security researchers who did just that:
With the permission and good humor of security pioneer Marcus Ranum, Hamiel and Moyer created a LinkedIn profile on Ranum's behalf, including a photo of him and bits from his resume to make the profile look legit. In less than 24 hours, more than 50 people had joined his LinkedIn network. Among those taken in by the stunt was Ranum's sister.
"Even if you just put some basic information out there that's easy to find, you're kind of controlling your privacy that way," Hamiel said.
As you might expect, Web entrepreneurs already have seized upon this fear to make money. A site called knowem.com allows you to see whether your name or whatever nickname you favor is already registered at any of some 120 social networking sites on the Web today. For a $64.95 fee, the site will register all available accounts on your behalf, a manual process that it says takes one to five business days. "Don't fall victim to "Cyber Squatting" or social media identity theft - ensure that your username or vanity URL is saved for you!" reads the company's sales pitch.
Whether anyone could possibly use and maintain 120 different social networking accounts is beyond my imagination. I would think an automated signup service like knowem.com would be far more useful if there was also a service that people could use to simultaneously update all of these sites with the same or slightly different content.
What about you, Security Fix fans? Have you avoided social networking sites, or have you jumped in headfirst? Have security and privacy concerns kept you away from social networking sites? Would concerns about someone else hijacking your identity at these sites be enough to cause you to at least register your own names there? Sound off in the comments below.
April 24, 2009; 5:11 PM ET
Categories: From the Bunker , Safety Tips , Web Fraud 2.0 | Tags: knowem.com, paranoia, social networking
Save & Share: Previous: Hack Against ISP Hijacks Bank, Google Adsense
Next: Scammers, Spammers Embrace Swine Flu News
Posted by: DavidSKlein | April 25, 2009 12:24 AM | Report abuse
Posted by: AnonymousReader1 | April 25, 2009 7:46 AM | Report abuse
Posted by: ohalvey | April 25, 2009 9:06 AM | Report abuse
Posted by: Tojo1 | April 25, 2009 9:33 AM | Report abuse
Posted by: watchbird1 | April 25, 2009 12:43 PM | Report abuse
Posted by: pauladauncey | April 25, 2009 1:07 PM | Report abuse
Posted by: xAdmin | April 25, 2009 1:54 PM | Report abuse
Posted by: jayess1 | April 25, 2009 4:23 PM | Report abuse
Posted by: datadefender | April 25, 2009 6:04 PM | Report abuse
Posted by: xAdmin | April 25, 2009 11:59 PM | Report abuse
Posted by: Greybeard2 | April 26, 2009 7:16 AM | Report abuse
Posted by: Heron | April 26, 2009 5:09 PM | Report abuse
Posted by: email@example.com | April 27, 2009 1:58 AM | Report abuse
Posted by: amskatoff | April 27, 2009 9:11 AM | Report abuse
Posted by: Annorax | April 27, 2009 10:52 AM | Report abuse
Posted by: nhawkins0016 | April 27, 2009 11:11 PM | Report abuse
Posted by: jeffatrackaid | April 28, 2009 11:14 AM | Report abuse
The comments to this entry are closed.