Advertisement
17 February, 2014

Fortinet sounds the alarm on social media-driven malware and offers tips on safer social media consumption

Dubai, UAE, February 17, 2014 - Fortinet predicts a spike in malware proliferation via social media networks. The global leader in high-performance network security has revealed that deceptive links being shared via social media networks are increasingly the weapon of choice in the spread of malicious software (malware) between users.

Fortinet sounds the alarm on social media-driven malware and offers tips on safer social media consumption
Dubai, UAE, February 17, 2014 - Fortinet predicts a spike in malware proliferation via social media networks. The global leader in high-performance network security has revealed that deceptive links being shared via social media networks are increasingly the weapon of choice in the spread of malicious software (malware) between users.

"Malware is getting more sophisticated by the day, with the ability to spread at exponentially faster rates compared to more traditional file sharing or email based transmission methods. As a result, it is almost impossible for users to be 100% protected. However, by practicing safe surfing and a lot of common sense, one can greatly reduce the chances of getting infected," says Alain Penel, Regional Vice President - Middle East, Fortinet.

He explained that attacks triggered by clicking on legitimate-looking links frequently result in the installation of malware that can force one's computer to join a larger cluster of infected computers known as a botnet. "Botnets are used to carry out a variety of mild to destructive behaviors on the internet, most recently to manufacture online buzz for dubious companies or individuals through bot-driven social media posting, in an activity known as 'like farming'," added Penel.

The Bait

Today, there are a number of deceptive techniques that hackers use to trick users into getting malware into their computer including sending messages out about popular topics to get more views, making downloads appear to be from legitimate sources, such as fake updates for Flash, disabling the computer's antivirus and sending the end-user to compromised websites, as well as adding malicious extensions to one's browser that can hijack his or her social media accounts.

The Results

Once a user's computer is infected, the most commonly attacked items are the user credentials. Password theft makes the news frequently, such as the recent attack by the Pony Botnet which resulted in the theft of two million credentials for sites such as Facebook, LinkedIn, and Twitter. Having a password stolen can be risky, especially for anyone who uses the same password in multiple places, such as online shopping sites or even work computers.

Advertisement
How to Practice Safe Surfing

1. Always Use (Unique) Protection

Having secure passwords goes beyond the regular precautions of mixing letters, numbers, and special characters. The most important thing is to have every password be unique to the account it is associated with. This way, having one account breached won't cause all your other accounts to be vulnerable. A good way to secure your password is to use a password manager. Password managers not only securely store your passwords but can also create new ones that are difficult to guess.

Also be sure that you have secure secret questions that you will remember but that cannot be easily guessed by casual acquaintances. For extra security, memorize incorrect answers to common security questions.

Once you have set a secure password, you should change it often and never share it. If for some reason you have to share your password, do not send this information across a network, and change it as soon as possible.

2. Virus Detection

All computers need to have anti-virus and anti-malware programs installed and kept updated. It is also recommended to scan your computer on a regular basis, especially if you often download files from the Internet.

3. Think before You Click

If you see a friend post something that seems unusual for them, don't click it! Instead, check with them to see if it's legitimate. Be especially careful about links from high profile accounts, such as celebrities, since they make great malware targets. You should also avoid clicking links in generic posts, like "hey, check this out!"

You should also keep an eye on URLs, to make sure they match where you're supposed to be. Watch out for malicious websites that will put a familiar name within their URL to fool you into thinking it's affiliated with that site. If a link uses a short URL, hover over it with your mouse to see the address in full before clicking it. Finally, if you ever see an ad for a deal that seems too good to be true, it probably is.

4. Pass Information, Not Infection

Protect yourself by protecting your friends, who are the ones most likely to put you at risk of getting your computer infected. Make sure they know what social malware is and what they can do to prevent them (perhaps by passing this paper along to them). If you ever have reason to believe that one of your contacts has had their account compromised, let them know immediately and make sure they know what to do to regain control of their account.

About Fortinet (www.fortinet.com)
Fortinet (NASDAQ: FTNT) protects networks, users and data from continually evolving threats.  As a global leader in high-performance network security, we enable businesses and governments to consolidate and integrate stand-alone technologies without suffering performance penalties. Unlike costly, inflexible and low-performance alternatives, Fortinet solutions empower customers to embrace new technologies and business opportunities while protecting essential systems and content. Learn more at www.fortinet.com.

Copyright © 2014 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient, FortiCare, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, FortiCarrier, FortiScan, FortiAP, FortiDB, FortiVoice and FortiWeb. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties, and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, binding specification or other binding commitment by Fortinet, and performance and other specification information herein may be unique to certain environments. This news release may contain forward-looking statements that involve uncertainties and assumptions. Changes of circumstances, product release delays, or other risks as stated in our filings with the Securities and Exchange Commission, located at www.sec.gov, may cause results to differ materially from those expressed or implied in this press release. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking statements, and expressly disclaims any obligation to update these forward-looking statements.

MEDIA CONTACTS:
Amber Dale
Chatterbox PR & Events
amber@chatterboxpre.com
+971-50-795-2652

© Press Release 2014