March 1, 2010

RSA 2010: How to protect yourself from social networking malware

David Spark

I’m at the 2010 RSA Conference here in San Francisco this week reporting for Tripwire.

Before the expo floor opened, I sneaked in (yes, seriously, at the security conference), and got a preview of Sophos’ presentation on protecting yourself from social networking malware. After his preparatory run-through, I asked “media tart” (his words, not mine) Graham Cluley (@gcluley) if I could interview him on how to protect yourself and your company from malware over social networks. He provided some good tips. Some of them I’m sure you’ve heard before, but do you actually adhere to them all? Here’s a summary of his recommendations:

  • Get an anti-virus program that scans every link you click on.
  • Just because someone says they’re your friend doesn’t necessarily mean they are.
  • To protect yourself from what’s behind a short URL, add a plugin to your browser that gives you a preview of what the long URL is. As a Firefox user, Cluley recommends Long URL Please.
  • Use different passwords for different sites. Cluley says 33% of people use the same password for every single site. I personally use Roboform2Go for password memorization.
  • Don’t use a dictionary word as your password. Pick something difficult that combines letters and numbers.
  • The scammers are always out to get you. Make sure you’re aware of the threats by reading security blogs. He highly suggested you fan the official security page on Facebook.

Read more of Graham’s tips on security on his blog. And please check out more of Tripwire’s coverage from the 2010 RSA Conference in San Francisco.