How to limit Twitter risks

04 February 2010
Twitter is now used by over 350 million people worldwide. However, Twitter is also gaining a reputation as security risk for individuals and organisations.

The Threats

Cybercriminals follow social networking sites with a passion because they see in Twitter and other social networking sites a huge opportunity to make money and commit fraud. Although spammers, scammers and malware creators are the root of the problem, end-users of the service are equally dangerous because, ultimately, it is what they do with Twitter that counts.

If Tweeters paid attention to what they are doing, listened carefully to warnings from security experts (their IT team at work) and did not trust every follower who sent them a message, there would be no reason to be concerned.

Unfortunately, humans are the weakest link in the security chain. Add to that a lack of education and little or no awareness of security and you have the right combination for something to go wrong.

So what are the risks and what can organisations and users do to limit such risk?

The Risks

Data leaks of confidential or proprietary information: Corporate organisations are constantly trying to reduce the channels through which information could be leaked. There are numerous ways to update your Twitter account so it is impossible to block access all the time. The information that could be leaked includes identity theft, credit card fraud, business plans, confidential data, information about facilities, availability of personnel or their schedules.

Malware and viruses: Malware creators see Twitter an as excellent opportunity to spread malware. The use of abbreviated URLs makes it easy for the bad guys to mask links to infected sites and to redirect users to websites that they would think twice about visiting. The setting up of fake services could be used to collect credentials and information from that user.

Applications: Users put too much trust in both the people following them and the applications that are easily distributed. These applications, which may be insecure, could be used to steal accounts.

Improper use: Twitter makes it so easy for people to inform their friends and extended network of contacts about what they are doing, where they are and so on. Impulse messaging can be dangerous especially if the user is irate and doesn’t stop to think about the repercussions of his or her tweet. Sending inappropriate tweets is not recommended. From a corporate perspective, employees can be a threat if they post information that could impact negatively on the business and hurt its integrity. A wrong post picked up by such a wide audience could become a PR nightmare for that business.

Customer care: As more and more organisations set up their own accounts and encourage customers to keep in touch, businesses need to be careful how they deal with disgruntled customers who may use Twitter to discuss a negative experience they had. With only 140 characters at its disposal, a business should avoid getting into a slanging match with an unhappy customer on Twitter and encourage the client to use traditional customer care channels. Take the conversation offline.

How to counter the risks?

Every business or organisation which uses Twitter (or any other social media or networking site) should have a strong policy in place (and enforced) that clearly states how it should be used by employees.

They need to be aware of the consequences of sending out seemingly innocent tweets which could still get them into deep trouble. In December 2009, a Vodafone employee was fired after his post was deemed by the company to go against fair competition. Drastic? Maybe, but it showed that even a humorous post could backfire.

Some basic rules include:

1. Think twice before posting. Employees need to think compliance, integrity, security... then post.

2. Access URLs in tweets with care. If there is no real need to check out the site, leave it.

3. Show employees what to look out for. How to notice when someone is stalking or attempting to social engineer information.

4. Avoid confrontation on Twitter. It is a great tool for customer feedback but a disaster in resolving issues.

5. Create a policy in a language that is understood by employees. Have them sign it. There should be no excuses that they did not know what they could or could not say.

 

Latest Personal and Home security articles

 Three and a half years prison sentence for rogue locksmith

 W32 Stuxnet-B rootkit can install itself automatically from a USB memory stick onto a fully-patched PC

 Norbain adds Cascade Electronic Systems to its range to ensure intruder solutions are available for all budgets

 The security message about encryption is finally getting through

 Siemens Security provides an effective and dependable solution to ensuring the security of a safe house

 The use of POTS for alarm communication will come to an end but each country is progressing at a different rate

 HAL-Locate recovers stolen caravan

 Google delivers twice the amount of malware than Twitter, Yahoo and Bing combined

 Cloudmark's Cloudfilter protects Digiweb's customers from spam

 Police crack down on burglaries in West Oxfordshire and South Buckinghamshire with SelectaDNA

...[view more articles on Personal and Home security]...

 

Other security websites:

Bank and financial security - Corporate security - School and education security - Sport event and live venue security - Healthcare and hospital security - Hotel restaurant and casino security - Industrial and manufacturing security - Infrastructure and Utilities security - Home and personal security - Public sector security - Retail security - Small Business security - Transport security

Breaking news Personal and Home security news Security tradeshows and conferences Personal security books and guides Trade bodies and Associations

About us Editorial policy Advertise Newsletter registration Free newsfeed for your site
Personal and Home security links

Security agencies to take over CWG venues tomorrow Security agencies to take over CWG venues tomorrowSecurity agencies to take over CWG venues tomorrow

HOME OF ENGLISH INTL HOME OF ENGLISH INTL. Est. 1997. Children’s English School Grades 1-12. American curriculum Elementary &High School programs. Pre-school for kids 3-6. #30 St. 282, P.P.

Kabul Bank Security Tight as Afghan Finance Chiefs Plan Response Armed security officers guarded Kabul Bank’s headquarters as finance officials prepared to outline steps to restore confidence in Afghanistan’s biggest private lender after reports of losses triggered withdrawals.

One security guard killed in armored van robbery in Cavite mall One security guard was killed and another was wounded after armed men allegedly robbed an armored-van at a mall in Dasmariñas town in Cavite province before noon Monday.

Security, availability drive APAC private cloud interest More Asia-Pacific CIOs are looking at private clouds as concerns over security risks as well as availability and performance of the services provided by public clouds linger, an IDC analyst reveals.

GS Home Shopping Falls After Woori Says Earnings Will Be Below Consensus GS Home Shopping Inc. fell the most in more than three months in Seoul trading after Woori Investment & Securities Co. said the company’s third-quarter earnings will fall short of analysts’ estimates. The South Korean operator of a cable-television shopping channel and Internet mall lost 3.2 percent to 92,100 won as of 9:18 a.m. on the Korea Exchange, headed for the biggest drop since May 24 ...

Security Guard Shot on Poospatuck Reservation A security guard was shot on the Poospatuck Reservation in...



Copyright © Personal Security Portal

Terms & conditions
Privacy policy
CMS and Web design by www.areza.com
directory of Personal and Home security suppliers
Search directory Register your company
Personal and Home Security books:

SEARCH NEWS
DIRECTORY
Google