Risks of identity theft and computer fraud are growing at a fast rate, driven by the rapid expansion of internet social networking into people's homes and workplaces. The protection against identity theft requires a multiprong approach, according to Sam Tong, a security consultant at Symantec.cloud Hong Kong. Tong recommends some best practices for protection. 'Try to use two-factor authentication to protect against socially engineered password theft if the social network provider supports it,' he says. 'Users should not share their addresses, phone numbers, or years of birthdays. It also helps by using privacy settings to restrict personal information to be viewed by approved contacts only.' Exercise caution when clicking on shortened links, Tong adds. 'During a three-month observation in 2010, 65 per cent of the malicious uniform resource locators (URLs) observed on social networks were shortened ones. To protect yourself from malicious links in social networks, do not click on a link sent by someone you do not know. It is recommended to use security software to double check the safety of the link when you access it.' Pop-up windows in social networks can also be a risk. Users should block pop-up windows with browser tools or security software and delete cookies and history after accessing social network websites, Tong advises. 'Reject the connection request from any unknown person and do not use unknown third-party applications in a social network website recommended by an unknown person.' Users of social networking sites need to fully understand their rights in privacy protection when they sign up to such sites, says William Tam, technical manager at Websense, a web security software specialist. 'Because these rights and settings could change from time to time, users should sign up to news alerts or newsletters, such as Facebook Security, to stay updated on any latest changes. 'Enabling hypertext transfer protocols access is also another common setting that is highly recommended if a user accesses his social networking site from a location such as a public hot spot. Accounts should be protected with passwords that are not based on information commonly shared on the social networking sites, such as birthdays and names of spouses or pets,' Tam says. Rob McMillan, research director of Sydney-based Gartner Australasia, believes due diligence is essential in overall protection against identity theft. 'When I am not comfortable with a particular company, I will do searches to see if it has anything to do with online scams. 'Do not hand over details of credit cards, passport or driver's licence casually,' he says. There are social media-focused security solutions available. Among them is Websense Defensio, a service providing bloggers, Facebook users and social website owners with personalised and adaptive protection from common spam, malware, profanity, and other threats embedded in user-generated content, Tam says. 'By obtaining unique real-time insights into the Web 2.0 environment and emerging threats, the Defensio service provides real-time security analysis and protection.' On Facebook, for instance, Defensio can now protect users' personal or corporate profiles from spam and malicious content. 'You can configure which categories you want to block and which ones you want to allow. Defensio can also automatically detect, reject, and mask profanity from user-generated content posted on your website. We maintain a basic list of profanity words, and you can add to this list in the control panel,' Tam says. Symantec Norton Internet Security has been developed to provide an all-in-one protection for individuals with personal firewall, intrusion prevention system and intrusion detection system, antivirus and antispyware web protection, Tong says. 'It lets you e-mail, chat and surf the web without worrying about cybercriminals ripping you off. This solution delivers the industry's fastest security suite for protection from online dangers without sacrificing performance. It guards against online identity theft so you can shop, bank and visit social networks with confidence.' The latest Symantec Endpoint Protection 12.1 solution integrates antivirus, antispyware, firewall and intrusion prevention, and network access, device and application control into one single offering, Tong adds. For existing Symantec endpoint customers, it also offers seamless migration from previous versions of Symantec Endpoint Protection. SEP 12.1 is the first product in the market designed specifically to address the security concerns of virtual environments, Tong says.
