Archive for the ‘Statistics’ Category

Attackers Use Fake Friends to Blend into Facebook

Thursday, February 2nd, 2012

FOR IMMEDIATE RELEASE

Attackers Use Fake Friends to Blend into Facebook

Barracuda Labs Unveils New Research Study Analyzing Facebook Profiles

View the Infographic: Facebook: Fake Profiles vs. Real Users at http://www.barracudalabs.com/fbinfographic/.

Campbell, Calif. (February 2, 2012) – Barracuda Networks, a leading provider of security, networking and data protection solutions, today released findings from Barracuda Labs’ most recent study, Facebook: Fake Profiles vs. Real Users. The study analyzes a random sampling of 2,884 active Facebook accounts to identify key differences between average real user accounts and fake accounts created by attackers and spammers. The results of the study are being presented today at the 2012 Kaspersky Threatpost Security Analyst Summit in Cancun, Mexico.

Facebook, which filed for IPO this week, has become an important part of personal and business communication. The company consistently fights to keep attackers out of its network, most recently announcing its lawsuit against a marketing firm accused of “spreading spam through misleading and deceptive tactics”. The Barracuda Labs study provides yet another example of this “arms race” as an increasing number of attackers move to social networks to carry out their wares.

Highlighted findings from the Barracuda Labs study include:
•    Almost 60 percent of fake accounts claim to be bisexual, 10 times more than real users
•    Fake accounts have six times more friends than real users, 726 versus 130
•    Fake accounts use photo tags over 100 times more than real users, 136 tags per four photos versus one tag per four photos
•    Fake accounts almost always (97 percent) claim to be female, as opposed to 40 percent for real users

“Likes, News Feeds and Apps have helped lead Facebook to its social network dominance and now attackers are harnessing those same features to efficiently scale their efforts,” said Dr. Paul Judge, chief research officer at Barracuda Networks. “These fake profiles and apps give attackers a long-lived path to continuously present malicious links to innocent users.

“Also, researchers have shown how friending malicious accounts can lead to account takeover using Facebook’s trusted friend account recovery,” Judge continued. “We have analyzed thousands of fake accounts to determine features and patterns that distinguish them from real users, and created a feature-based heuristic engine to distinguish real users from fake profiles.”

The study analyzes data collected from Barracuda Profile Protector, a free tool that analyzes and blocks malicious activity on Facebook and Twitter, along with public data collected from streams and network crawling to demonstrate how users typically operate. The study illustrates how attacks on Facebook are structured to exploit the “friendship” concept and trust of widely-used applications. A variety of machine learning techniques are used to analyze shared URLs, profile images, profile information, and connections with other users to reveal associations, weak and strong, between malicious users.

Resources:
•    Download the Infographic: Facebook: Fake Profiles vs. Real Users at http://www.barracudalabs.com/fbinfographic/.
•    View the Barracuda Labs security research portal at http://barracudalabs.com.
•    Install Profile Protector at http://ProfileProtector.com.
•    Follow Barracuda Labs on Twitter at @barracudalabs

About Barracuda Labs
Barracuda Labs is a global multi-disciplinary research and threat analysis team that fulfills a critical role in developing innovative technologies across Barracuda Networks’ business areas. The team evaluates the threat ecosystem and creates security intelligence to defend Barracuda Networks customers. Barracuda Labs’ threat research areas, which include email, Web, network and cloud security and technology, are designed to improve the world’s security posture by promoting security awareness and education, developing and innovating new defense technologies, and working with government and law enforcement agencies to reduce cybersecurity crime. For more information, please visit www.barracudalabs.com.

About Barracuda Networks Inc.
Barracuda Networks combines premises-based gateways and software, virtual appliances, cloud services, and sophisticated remote support to deliver comprehensive content and network security, data protection and application delivery solutions. The company’s expansive product portfolio includes offerings for protection against email and Web threats as well as products that improve application delivery and network access, message archiving, backup and data protection. Coca-Cola, FedEx, Harvard University, IBM, L’Oreal, and Europcar are among the more than 150,000 organizations protecting their IT infrastructures with Barracuda Networks’ range of affordable, easy-to-deploy and manage solutions. Barracuda Networks is privately held with its International Headquarters in Campbell, Calif. For more information, please visit www.barracudanetworks.com.

###

Share

Posted in Internet Security Tips, phishing, Research, Security, Social Networking, Statistics, Web Security | No Comments »

The more connected the more vulnerable

Tuesday, December 13th, 2011

by Daniel Peck, Research Scientist

The Facebook data team released some interesting data a few days ago focusing on the connectedness of their social graph, taking six degrees of Kevin Bacon and looking at how many connections away from each other any two people on the network are. From their research it seems like more than 90% of people on the network are seperated by only four degrees, meaning that any person A has a friend that knows a friend of Person B.

Interesting in and of itself this shows how social networking is used to connect to people with whom you have very little in common, perhaps enjoying similar music, enjoying the same food, or like the same apps/games on Facebook.  Something like mini ad-hoc Farmville Fan Clubs.  And that is neat, the more connected we are to one another then maybe the more we’ll understand each other.

That said, this amount of connectedness has a price in the realm of trust, especially with regards to anomaly detection and behavioral classifying. The network doesn’t distinguish the levels of trust/friendship that we have in the real world.  This is likely a neccessary level of abstraction, and we don’t have a leaderboard of friends trust levels, but you have an internal model that allows you to weigh “truths” differently based on whether it came from a long time friend versus someone you met because you attended a one day class together. Software can’t know these levels, at least not without an unreasonable level of training from the user, so for the purposes of behavioral classification it has to use more derived variables, like connectedness, on the social graph.  As this collapses these variables become less valuable, and may introduce false levels of trust within your real circle of friends.  We’ve seen this become increasingly popular with spammers working through fake accounts.  Usually the steps go something like this:

  1. An account is created with a profile listing that they went to “Generic State U”
  2. A few friend requests are sent to others within the “Generic State U” ad-hoc group and with a relatively high level of certainty a few will accept.
  3. The spammer then has a foothold into that persons network, and each “friend” request they send out has more legitimacy
  4. Your real friends are wishing these fake accounts “happy birthday” and commenting on their latest picture uploads, and occasionally having malware spreading links dropped into their feed.

This level of trust via degree connectedness leads to a sort of herd vulnerability. Each malicious account that gains a foothold on the network, means all users of the network are much more vulnerable. The extra few seconds that you take to verify a friend connection, even if you aren’t worried about privacy issues or spam yourself, helps protect less savy users and keeps some of the easiest computations for behavioral analysis effective and the network as a whole a bit less dangerous for the weaker members.

Share

Posted in Internet Security Tips, Social Networking, Spam, Statistics | No Comments »

Barracuda Labs Releases 2011 Social Networking Security and Privacy Study

Wednesday, October 12th, 2011

By: Barracuda Labs

For Immediate Release

NINE OUT OF 10 PEOPLE ATTACKED AND ONE OUT OF FIVE PEOPLE DAMAGED BY PRIVACY LAPSE ON SOCIAL NETWORKS

Barracuda Labs Releases 2011 Social Networking Security & Privacy Study

Campbell, Calif. (Oct. 12, 2011) Barracuda Labs today released its 2011 Social Networking Security & Privacy Study. The complete study and infographic can be seen at www.barracudalabs.com. Barracuda Labs is the research arm of Barracuda Networks Inc., the leading provider of security, application delivery and data protection solutions to businesses.

“Social networks are a significant part of how we communicate with one another. At the same time, the dangers associated with social networking have climbed exponentially,” said Dr. Paul Judge, chief research officer and vice president for Barracuda Networks. “The fact that nine out of 10 users already have been attacked proves that attackers are taking over social networks and users are living in fear.”

The study focuses on social networking usage, security and privacy, and is based on survey results from hundreds of users representing over 20 countries. The study was conducted over a two-week span between September and October 2011. Overall, users value security and privacy almost equally to popularity and ease of use. Major highlights from the study are included below.

Social Networking Usage

  • LinkedIn is the most accepted social network by businesses with only 20 percent of companies blocking or limiting its usage, as compared to 31 percent of companies that block or limit Facebook.

Social Networking Security

  • Nine out of 10 people have received spam, and one in four have received a virus or malware, on a social network.

Social Networking Privacy

  • One in five people has been negatively affected by information that was exposed on a social network.

2011 Social Networking Security & Privacy Study – Resources:

 

About Barracuda Labs

Barracuda Labs is a global multi-disciplinary research and threat analysis team that fulfills a critical role in developing innovative technologies across Barracuda Networks’ business areas. Barracuda Labs’ threat research areas include email, Web, network and cloud security and technology. Barracuda Labs aims to improve the world’s security posture by promoting security awareness and education, developing and innovating new defense technologies, and working with government and law enforcement agencies to reduce cybersecurity crime.

About Barracuda Networks

Barracuda Networks Inc. combines premises-based gateways and software, virtual appliances, cloud services, and sophisticated remote support to deliver comprehensive content security, data protection and application delivery solutions. The company’s expansive product portfolio includes offerings for protection against email and Web threats, as well as products that improve application delivery and network access, message archiving, backup and data protection. Coca-Cola, FedEx, Harvard University, IBM, L’Oreal, and Europcar are among the more than 150,000 organizations protecting their IT infrastructures with Barracuda Networks’ range of affordable, easy-to-deploy and manage solutions. Barracuda Networks is privately held with its International headquarters in Campbell, Calif. For more information, please visit www.barracudanetworks.com.

Share

Posted in ID Theft, phishing, Research, Security, Social Networking, Spam, Statistics | No Comments »

Email Spam Drops by Half While Search Engine Malware Increases 50 Percent and Twitter Crime Rate Rises 20 Percent During 2010

Thursday, March 3rd, 2011

From: Barracuda Labs [PRESS RELEASE]

Barracuda Labs Issues 2010 Annual Security Report; Launches New, Free Profile Protector to Protect Users against Malicious Threats on Facebook and Twitter

Campbell, Calif., March 3, 2011 – Barracuda Networks Inc., a leading provider of content security, data protection and application delivery solutions, today released findings from its 2010 Annual Security Report which indicates attackers are making a shift from using email spam to more aggressively targeting the Internet. Email spam dropped by half during 2010, while search engine malware doubled and the Twitter Crime Rate increased 20 percent, signifying a concentrated focus on the more lucrative social networks and search engines as attack vectors. To help combat this, Barracuda Networks today announced the availability of its new Profile Protector, a free service that protects social networking users against malicious threats on Facebook and Twitter. Profile Protector is available at http://profileprotector.com/.

“Attackers focus on where they can get the most eyeballs and profit, and today that means social networks and search engines,” said Dr. Paul Judge, chief research officer at Barracuda Networks. “As a community we often point to the need for user education as the missing component; however, the levels of social engineering involved in today’s attacks suggest that we must continue to elevate our technological approaches. The research community must continue to build innovative defenses and the industry must make efforts to increase the deployment rates of those defenses.”

Searching for Malware
Barracuda Labs conducts periodic studies across Bing, Google, Twitter and Yahoo!, analyzing trending topics on popular search engines in order to understand the scope of the problem and to identify the types of topics used by malware distributors. The most recent study was conducted over 153 days. The analysis reviews more than 157,000 trending topics and nearly 37 million search results. Overall, the research found that attackers have increased the amount of search engine malware as well as expanded targeted efforts beyond Google.

Key highlights from the search result analysis include:

  • In June 2010, Google was crowned as “King” of malware, turning up more than twice the amount of malware as Bing, Twitter and Yahoo! combined when searches on popular trending topics were performed. As malware spread across the other search engines, the ratios were distributed more evenly by December 2010, with Google producing 38 percent of overall malware; Yahoo! at 30 percent; Bing at 24 percent and Twitter at eight percent.
  • The amount of malware found daily across the search engines increased 55 percent from 145.7 in June 2010 to 226.3 in December 2010.
  • One in five search topics lead to malware, while one in 1,000 search results lead to malware.
  • The top 10 terms used by malware distributors include the name of a Jersey Shore actress, the president, the NFL and credit score.

The Dark Side of Twitter
Barracuda Labs analyzed more than 26 million Twitter accounts in order to measure and analyze account behavior. The analysis enabled researchers to model normal user behavior and identify features that are strong indicators of illegitimate account use. The study reviews several key areas including True Twitter Users1, Twitter Crime Rate2, and Tweet Number3.

Key highlights from the Twitter research include:

  • In general, activity continues to increase on Twitter: more users are coming online; True Twitter Users are tweeting more often, and even casual users are becoming more active. As users become more active, the malicious activity also increases.
  • The number of True Twitter Users increased to 43 percent, up from only 29 percent in June 2010.
  • For every 100 Twitter users, 39 have between one and nine followers, while 50 percent of Twitter users have more than 10 followers.
  • Approximately 79 percent of Twitter users tweet less than once per day.
  • After decreasing at the end of 2009, the Twitter Crime Rate increased 20 percent from the first half of 2010 to the second half of 2010, going from 1.6 percent to 2 percent.
  • Attackers are distributing malware and exploiting vulnerabilities to achieve their malicious goals.

To view the complete Barracuda Labs 2010 Annual Security Report and the company’s security portal, please visit http://barracudalabs.com.

Protecting Profiles on Facebook and Twitter
Barracuda Labs also announced the availability of its new Profile Protector, a free service that protects social networking users against malicious threats on Facebook and Twitter and is available at http://profileprotector.com/. The application analyzes user-generated content posted to profiles and is able to block or remove malicious or suspicious content. This includes malicious URLs, embedded photos and/or videos on Facebook and Twitter pages and news feeds.

About Barracuda Networks Inc.
Barracuda Networks Inc. combines premises-based gateways and software, virtual appliances, cloud services, and sophisticated remote support to deliver comprehensive content security, data protection and application delivery solutions.  The company’s expansive product portfolio includes offerings for protection against email, Web and IM threats as well as products that improve application delivery and network access, message archiving, backup and data protection. Coca-Cola, FedEx, Harvard University, IBM, L’Oreal, and Europcar are among the more than 130,000 organizations protecting their IT infrastructures with Barracuda Networks’ range of affordable, easy-to-deploy and manage solutions.  Barracuda Networks is privately held with its International headquarters in Campbell, Calif.  For more information, please visit www.barracudanetworks.com.

Resources:
•    Download the Barracuda Labs 2010 Annual Security Report at http://www.barracudalabs.com/research_resources.html.
•    View the Barracuda Labs security research portal at http://BarracudaLabs.com.
•    Follow Barracuda Labs on Twitter at @barracudalabs.

Footnotes:
1 – ‘True Twitter User’ is defined as a user that has at least (≥) 10 followers, follows at least (≥) 10 people, and has tweeted at least (≥) 10 times.
2 – ‘Twitter Crime Rate’ is defined as the percentage of accounts created per month that were eventually suspended for malicious or suspicious activity, or otherwise misused.
3 – ‘Tweet Number’ is defined as a user’s average number of tweets per day.

#  #  #

Share

Posted in Research, Security, SEO Poisoning, Social Networking, Statistics, Web Security | 1 Comment »

73 Percent of Organizations Have Been Hacked At Least Once In The Last 24 Months Through Insecure Web Applications

Tuesday, February 8th, 2011

By: Barracuda Labs

  • Report from Ponemon Institute finds website attacks are the biggest concern for companies, yet 88 percent spend more on coffee than securing Web applications
  • 69 percent of organizations rely on network layer firewalls to protect their websites, leaving Web applications wide open for attack
  • 72 percent of organizations test less than 10 percent of their Web applications for security holes, some knowing they have been hacked in the past

Barracuda Networks Inc., Cenzic Inc. and the Ponemon Institute, today announced the results of the “State of Application Security Survey,” which reveals respondents’ perceptions and experiences protecting Web applications. The survey underscores the lack of adequate protection currently in use and overall insufficient resources and knowledge around Web application security.

According to 74 percent of respondents, Web application security is either more critical or equally critical to other security issues faced by their organizations. Despite this, the study shows there are many misconceptions around the methods used to secure Web applications, primarily Web application firewalls and vulnerability assessment.

“While it is encouraging to see that Web application security is on the minds of most organizations, there still seems to be a real disconnect between the desire and implementation of security countermeasures required for Web application security,” said Dr. Paul Judge, chief research officer and VP for Barracuda Networks. “The fact that 69 percent of respondents are relying upon network firewalls to secure Web applications is like relying upon a cardboard shield for protection in a sword fight – eventually your shield will prove that it’s insufficient and an attack will reach you that can fly past a network firewall.”

“The fact that a quarter of respondents could not provide a range for how many Web applications they have is a huge red flag right off the bat,” said Mandeep Khera, CMO for Cenzic. “Furthermore, that 20 percent of organizations do not test at all and 40 percent test only 5 percent of their Web applications is shocking. And, most of these companies have been hacked multiple times through insecure Web applications. If you know that burglars come through a broken door repeatedly wouldn’t you want to fix that door?”

Other key findings in the study include:

  • Data protection (62 percent) and compliance (51 percent) were the top reasons for securing Web apps. Job protection was also a significant reason cited by 15 percent of respondents.
  • Despite 51 percent listing compliance as a key driver for Web application security, 43 percent are not familiar with or have no knowledge of OWASP, a key component to compliance standards like PCI.
  • With 41 percent reporting they have over 100 Web applications or more, the majority (66 percent) test less than 25 percent of these applications for vulnerabilities.
  • More than half (53 percent) expect their Web hosting provider to secure their Web applications.
  • Of those respondents who own a Web application firewall, nearly 2 times agreed that a reverse proxy is a better and more secure technology than a transparent bridge technology.

“While IT practitioners recognize the criticality of secure Web applications, their organizations do not provide adequate resources and expertise to manage the risk,” said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. “Over half of the respondents we polled believe they do not have resources to detect and remediate insecure Web applications, and 64 percent said they believe that their organization have inadequate governance and usage policies.”

The results of the survey from the Ponemon Institute are based on responses from 637 practitioners in a variety of industries with an average of 11 years of experience in their profession. The full survey analysis can be found at http://www.barracudanetworks.com/ns/downloads/White_Papers/Barracuda_Web_App_Firewall_WP_Cenzic_Exec_Summary.pdf.

Share

Posted in ID Theft, Internet Security Tips, phishing, Research, Security, Social Networking, Statistics, Web Security | No Comments »

Kanye’s First Week on Twitter: An Infographic Review pt. 2

Thursday, August 12th, 2010

By BarracudaLabs

In his first week on Twitter from July 28 to August 4, Kanye West sent 190 tweets. By the end of that first week, he reached 431,104 followers. We calculated the total amount of time that people spent reading @kanyewest tweets in one week. We estimated that each tweet took 3 seconds to read. We calculated how many people were following him at the time each tweet was sent. In total, 2,551,812 man minutes were spent reading @kanyewest tweets in one week. We then looked at what else could be done with that much time.

If one person had 2,551,812 minutes, here is what he could do:

Click one of the images below to view the graphic:

Share

Tags: , ,
Posted in Research, Social Networking, Statistics, Uncategorized | No Comments »

Kanye’s First Week on Twitter: An Infographic Review

Tuesday, August 10th, 2010

By Barracuda Labs

For the past year, we have released analysis on user behavior and malicious activity on Twitter. Just last week, Barracuda Labs released our 2010 Midyear Security Report that focuses on The Dark Side of Twitter and Search Engine Malware. On the same day, Kanye West joined Twitter. In March we explored the effect of celebrities joining Twitter in what we called the Twitter Red Carpet Era. We showed that during that six-month period, more than half of the top 100 users joined Twitter, causing a spike in overall usage and a subsequent spike in the Twitter Crime Rate (the number of accounts created and later suspended by Twitter because of suspicious or malicious use).

Kanye joined Twitter with a splash. First of all, he visited the Twitter offices that morning, but what’s more interesting is the rate at which he attracted followers. Since we have access to this data and machines constantly analyzing it, we decided to have a little fun. This week, Barracuda Labs will present a series of infographics that illustrate Kanye’s first week on Twitter.

Today, we show the first view. The first question that we wanted to answer was what kind of people are attracted to follow Kanye?  For example, do they follow other musicians or other types of people? We looked into several notable users to examine the overlap between Kanye’s followers and their followers.

BarracudaLabs.com - Kanye West Twitter Followers

Let’s review:

Taylor Swift: Taylor Swift and Kanye shared a moment on stage at last year’s MTV Awards when he interrupted her speech. He has since apologized to her and she accepted. Their followers seem to have followed suit as a substantial amount of people follow both Kanye West and Taylor Swift. In fact, 20% of Kanye’s followers also follow Taylor Swift. By the way, Taylor Swift joined Twitter 20 months ago during the Red Carpet Era and has since attracted 3.8 million followers.

Amber Rose: Amber Rose and Kanye West dated for several years, frequently an item at photoshoots and fashion shows. They recently moved on; however, their followers still appreciate both of them. In Kanye’s first week, more than half of Amber’s followers already follow Kanye. Further, Kanye has seven times more followers than Amber who joined two months ago.

Power: Kanye’s new song is called “Power” but let’s compare him to the most powerful person on Earth: the President of the United States. Kanye was a vocal supporter of Obama during his campaign. More than 190,000 of Obama’s followers already follow Kanye, showing that over one-third of Kanye’s followers also follow the President.

Perhaps Kanye’s followers are into political leaders of all parties. How about Newt Gingrich? Less than 5,000 of Newt Gingrich’s followers have decided to follow Kanye. This means that less than 1% of Kanye’s followers also follow Newt.

Stay tuned for more analysis on Kanye’s first week on Twitter – and on the overall Red Carpet effect. We think you’ll find the next few days very interesting… and possibly worth a Retweet of your own.

Meanwhile, follow us on Twitter at @barracudalabs for ongoing updates!

Share

Tags: , ,
Posted in Research, Social Networking, Statistics | No Comments »