A security firm recently conducted some tests to quantify the threats posed by social networking sites. The results could convince some IT departments to focus more on controlling social media use or educating users about the dangers.
At any given time, social networking users could be just a click away from infecting their computers with malware, according to a recent report by security firm Dasient.
In one set of experiments, Dasient created profiles on 12 different social networks and posted links flagged as potentially malicious by Google. The links were allowed to go up 81% of the time Dasient tried to post to them.
Since a lot of the posts made on social networks contain links, it’s scary to know there are almost no controls about what people are linking to.
But the second experiment may be even more distressing. Dasient created an ad reading “Click here for a security test” that contained a link to “drive-by” download (the downloaded program in this case was benign, but the ad was modeled after many common malware-spreading ads) and posted it to each social network.
In every case, it took a long time for the site to disapprove of the ad and take it down. In total, the ad got 159,767 impressions and 103 clicks, but Dasient believes if they had worked to make it more enticing, more people would have clicked on it before it was taken down.
Dasient put out the call for social networks to beef up their security controls. But until that happens, it’s up to IT departments to make sure people are using the sites safely (or not at all) while they’re at work.