Oversharing on social networking sites leaves 30% internet users vulnerable to cybercrime

Almost a third of internet users admitted to sharing their personal details on social networking sites (SNS) that left them vulnerable to attacks by cyber criminals. Posts and check-ins by these users are often shared with all users instead of with a limited circle of friends. Many users believe any information they put on these platforms could be accessed by people not on their friends list.

This was found in an online survey conducted recently by cyber security giant Kaspersky Lab to assess the cyber savviness of internet users across the globe. Conducted among people over 18 years of age from 16 countries, the survey had more than 1300 Indians participating. More than three-fourths of the respondents (78%) had 

"In the survey, 12% people admitted to befriending anybody who sent them a request irrespective of whether they knew them in real life. To ensure your social network sharing doesn't leave you exposed to danger, one needs to be cautious about whom they befriend and trust on these sites as all might not be as they seem," warned managing director - South Asia for Kaspersky Lab Altaf Halde. It was also essential that privacy settings within social network accounts were at their highest, to ensure it was only your real friends you shared your status updates with, he added.

At least 26% of the users said they didn't hesitate to click on a link sent by a friend without asking what it was, or considering the possibility that the sender's account had been hacked. The golden rule the experts swear by is 'When in doubt, don't accept a friend request or click on a link you are not expecting'. If this is not followed, the information on one's social profiles can easily be accessed by cybercriminals for phishing and identity thef.

Users mistakes behind most Phishinbg atatcks

mail users, beware! While it is easy to blame 'highly-techie hackers' for a cybercrime, it may be your action which leads to serious data breaches. Hackers, often portrayed as biggies under cover, attacks the anxiety of the users to click on links fed at them with catchy texts.

While the discussion over such attacks fully blames the hackers, a report released on Tuesday said that it is the users' anxiety which also leads to many data breaches.

The report released by Verizon on Tuesday said that more than 50% of the people open such phishing mails within the first hour of being fed. Also, as many as 23% of recipients open phishing mails and 11% open attachments which could lead to serious breaches.

Since 2013, more than two-thirds of cyber-espionage cases have featured phishing. Last year more than 95% of such incidents were attributed to state-sponsored actors. Interestingly, the report said nearly 50% open such e-mails and click on phishing links within the first hour.

The study said that while vast majority of hacking attacks are successful because people click on links in tainted emails, there are issues in the administrative area as well where proper proactive actions are not taken by network administrators.

"There are many factors that actually forces a user to clink on malware links. These mails are generally very well drafted and it becomes very hard to detect. We can't blame a user for this but yes, they need to be a cautious," a Verizon spokesperson replied to a TOI query while releasing the report. He added that it just takes 82 seconds for a phishing attack campaign to bite its first victim.

In the last 3 years, the number of hacking attacks that examine a user's computer's memory to search for sensitive data has also grown in a big way. Called RAM scraping attacks, this type of malware was present in some of the most high-profile retail breaches last year, according to the exclusive report by Verizon. The report also said that phishing remains one of the most preferred way of cyber-espionage.


"Do you remember the 'free cup holder' prank? Someone sending you an attachment that opened your CD-ROM drive was cute at the time, but a premonition of more malicious acts to come. Phishing campaigns have evolved in recent years to incorporate installation of malware as the second stage of the attack.

Lessons not learned from the silly pranks of yesteryear and the all-but-mandatory requirement to have e-mail services open for all users has made phishing a favourite tactic of state-sponsored threat actors," added the report.




The report found that a phishing campaign takes just 10 emails to yield a greater than 90% chance that of finding at least one person who will become the criminal's prey.