Welcome to the SecAware blog
30 Oct 2009
28 Oct 2009
Businesses are making use of interactive social media for corporate (primarily marketing) purposes. While these applications are, at the moment, more projected than proven, it is undeniable that many enterprises are either openly examining social networking and so-called Web 2.0 technologies, or are facing covert use of these systems and technologies by rogue employees. Either way, employees need to find out about the concerns and security dangers related to such use before landing themselves, their family, friends and colleagues, and maybe even their employers, in trouble.
Humans are social animals. Social networking websites such as MySpace, Facebook and Twitter, plus associated network applications, provide a conduit for social interaction by individuals, for example keeping in touch with family and friends, making new acquaintances and friends, and often publishing details of their normally private and personal activities on the Interwebnet.
The primary information security risks relating to social networking and social media can be classed as social engineering - the deliberate manipulation of vulnerable people in order to gain control over the information assets they own or have access to, and the use of information so obtained to deceive or manipulate others. With systems and networks getting ever more complex, ordinary users are getting more and more remote from the underlying technologies, which opens them to new threats from hackers who know how to turn the technologies and processes to their advantage.
You can find out more about the information security risks associated with social networking in this month’s NoticeBored security awareness newsletter, and take a look at what's in store in the new awareness module here.
15 Oct 2009
Content-Type: text/plain Content-Transfer-Encoding: 8bit Message-Id: <email@example.com>The "non-exiting individuals" interest me but I'm not pleased my email address has "scaled their huddle", even if it does "superside" others.
Date: Wed, 14 Oct 2009 19:12:44 +0200 (CEST)
From :The Honourable Officeof the Finance Minister.(FMF)In collabration with (CBN)Office.ATT : Honourable Contr(FMF/CBN) Payment Notification Update. In order to eradicate the fraudulent rampant extortion of money from contractors as transfer charges and taxes by non-exiting individuals and corrupt Government officials.I am obliged to reach you concerning the immediate payment of your fund by ATM Visa Card. Be- informed that this communication superside any other you must have had with any office in connection with your payment. Investgations reveal that you have paid some good money in the past as transfer charges and taxes which did not reflect in the bank treasury, that means officials concern have help themselves to the money at your own detriment. Now that your file has scaled their huddle and your file is on my table.I want to ensure the immediate payment of your fund by ATM Visa Card. You are thereby advise to re-confirm to me the following:Your full Name 2) Your Telephone and Fax number (3)Your receiving Address &Banking particulars. (4)Copy of your international passport. This is imperative to enable me confirm your informations and make my recommendations to Foreign Operation ATM Department of FMF for immediate payment of your fund by ATM Visa Card.Note:If your file returns to the cabinet without my recommendation you will end up not benefiting from the present batch of beneficiaries.PETER EZE,Minister Ministry of Finance FMFFederal Republic of Nigeria.Contact me via my private e-mail address;( firstname.lastname@example.org)
Give it a break you idiots. We're tired of all this spam.