Upload
stuart-baldwin
View
217
Download
0
Tags:
Embed Size (px)
Citation preview
<<<<<Your Name Here>>>>> 2
An Insight into the Relationship Between Social Media and the Susceptibility to Malicious IntentPresented by Rebecca Morgan
15/05/2015
Rebecca Morgan 3
Social Media
15/05/2015
Social Media
FacebookTwitter
Google +LinkedIn
InstagramTumblr
Peer to Peer communications
SkypeEmail
MobileSMS
Instant messaging
The Media
Newspapers MagazinesNew sites
Radio TV
Rebecca Morgan 4
Most popular social media site
Facebook is growing everyday1.44 billion active users 20% of the worlds population
Creation of the information era
Database of personal data
15/05/2015
Rebecca Morgan 515/05/2015
Rebecca Morgan 615/05/2015
Rebecca Morgan 7
Terminology
“What’s on your mind?”
15/05/2015
Location details
Rebecca Morgan 8
Why does Facebook need the data?
• Data as a form of currency
• Worth $200 billion (September 2014)• Net worth $33.3 billion (July 2014)
15/05/2015
Users Data
Target adverts Money
Rebecca Morgan 9
InvestigationsUse of Social media in investigation
15/05/2015
Rebecca Morgan 10
Investigations
Metropolitan Police
1207 crimes reported involving Facebook 2014
Source of intelligence
Data collection
Location of crime
Online threats
Facility crime
Grooming
15/05/2015
Rebecca Morgan 11
Intelligence
15/05/2015
Public available information
(BBC News, 2015)
Rebecca Morgan 12
Types
Identify token theft
Identify fraud
Phishing
Spear-Phishing
Selling
Collection
15/05/2015
Rebecca Morgan 13
Data Mining
Collection of personal information
Combination of Data
Third party applications
Graph search
FBStalker
15/05/2015
Rebecca Morgan 1415/05/2015
Rebecca Morgan 15
Graph search
15/05/2015
Rebecca Morgan 16
Third party applications
Kali Linux
Maltego
Open source tool used to determine real world links
DMitry
Deep magic Information Gathering Tool
Google Chrome extension
Facebook Friends Mapper
Shows full friends lists even when hidden15/05/2015
Rebecca Morgan 17
A few Examples
15/05/2015
Rebecca Morgan 18
Trustwave test
Used Facebook to get a password, of a public figure
Result
Identified Wife
Public likes – ran a studio
Sent Phishing emails
Wife opened email attachment
Malicious Software
Access to Apple Key chain – stores passwords
15/05/2015
Rebecca Morgan 19
Phishing examples
15/05/2015
The address of clicking play:huxiaoling.com/alludes.php
Effect:PC - Download malware
Address behind the button/link:static.ak.fbcdn.netwesternvn.com
Effect:Get users passwordMalware
Rebecca Morgan 2015/05/2015
Rebecca Morgan 2115/05/2015
Rebecca Morgan 2215/05/2015
Rebecca Morgan 2315/05/2015
Rebecca Morgan 2415/05/2015
Rebecca Morgan 25
Offline use
Open bank accounts
Obtain Credit Cards, loans and benefits
Take over existing accounts
Mobile phone contracts
Documents – passport, driving license15/05/2015
Rebecca Morgan 26
ProtectionMaking use and understand security measures in place
15/05/2015
Rebecca Morgan 27
Security and Privacy settings
Security settings:Two way authentication
Privacy settingsOnly me Friends Friends of Friends Public (Global)
15/05/2015
Rebecca Morgan 2815/05/2015
Audience Distribution
Rebecca Morgan 2915/05/2015
Rebecca Morgan 30
Privacy Check-up
15/05/2015
Rebecca Morgan 31
Privacy Check - up
15/05/2015
Rebecca Morgan 32
Deleting options
Individual posts
Activity log
Accounts
Deactivating – not deleted
Deleting – takes 30 days15/05/2015
Rebecca Morgan 33
Other Social Media
All social media sites are increasing
These methods can be applied to all types
Data from multiple sites can be combined
Search engines –names
15/05/2015
Rebecca Morgan 34
Searching a person
Using a web search engine such as google
Enter a persons name, possible results LinkedInTwitter192.comGoogle +FacebookCompany CheckerName EncyclopaediaOnline DonationsAcademia.edu
15/05/2015
Rebecca Morgan 35
Effects
Users need to educated now and in the future
Facebook advertise but not enough
But users need to take responsibility for their own data
Balance between using the site and distributing data
15/05/2015
Rebecca Morgan 36
Reporting
Victims of malicious actives have a tendency to stay quiet
Action Fraud site
National Fraud Intelligence Bureau
15/05/2015
Rebecca Morgan 37
Future of Facebook
Graph Search
Social Media site or colossal database of personal information?
Continual growth20% of the world in 11 years
Increase Cybercrime reported
15/05/2015
Rebecca Morgan 38
Conclusions
Individuals need to take responsible for the distribution for their own data.
Privacy and Security settings need to be implemented to restrict access to the data.
Incidents need to be reported
The way Facebook is used is changing
15/05/2015
Rebecca Morgan 39
Questions?Thank you for attending!
15/05/2015