MessageLabs survey highlights social networking security fears

A report released by UK-based security supplier MessageLabs, has found that nearly 20 percent of organisations blocked social networking and dating sites in February due to concerns about employee productivity and malware.

Share

A report released by UK-based security supplier MessageLabs, has found that nearly 20 percent of organisations blocked social networking and dating sites in February due to concerns about employee productivity and malware.

In addition, the number of websites blocked by policy-based filtering was almost 47 percent, which, according to MessageLabs, should spur IT departments to update their electronic use policies to reflect newer Web 2.0 technologies.

MessageLabs suggested that setting policies to block “Unclassified” websites would offer organsiations more confidence in dealing with potentially harmful websites.

"This offers more protection against websites which appear and disappear within a 24 to 48 hour timeframe, such as phishing websites, spam websites and websites used for hosting malware.," said the report.

Some 62.2% of all web-based malware intercepted in February were classified in this category, as were 82.5% of all spyware, adware and other potentially unwanted programmes.

"Organisations need to raise awareness about the risks of these sites," says Paul Wood, a security analyst with MessageLabs. "Some of the policies are not up to date."

Wood says it wasn't always clear how malware entered users' computers or networks as a result of using social networks. In one example, however, he cited a case where a user visited a fake MySpace page where they were served up a pop-up add designed to look like a Microsoft software update.

When the person clicked on the pop-up, they were taken to an illegitimate site that tried to install malware over JavaScript.

The report, which polled most of MessageLabs' 16,000 customers, also sheds some light on other consumer technologies, such as Gmail.

The proportion of spam originating from Gmail accounts doubled in the month of February, the research states. According to the report, spammers found a way around Completely Automated Public Turing Test To Tell Computers and Humans Apart (CAPTCHA), which is essentially the letters users are asked to type when they start an e-mail account or look for tickets on a site such as Ticketmaster.

Spam from Yahoo still leads the way, claiming 90 percent of the spam sent from consumer-based e-mail services, according to MessageLabs.