Sciweavers

WWW
2009
ACM

All your contacts are belong to us: automated identity theft attacks on social networks

15 years 3 days ago
All your contacts are belong to us: automated identity theft attacks on social networks
Social networking sites have been increasingly gaining popularity. Well-known sites such as Facebook have been reporting growth rates as high as 3% per week [5]. Many social networking sites have millions of registered users who use these sites to share photographs, contact long-lost friends, establish new business contacts and to keep in touch. In this paper, we investigate how easy it would be for a potential attacker to launch automated crawling and identity theft attacks against a number of popular social networking sites in order to gain access to a large volume of personal user information. The first attack we present is the automated identity theft of existing user profiles and sending of friend requests to the contacts of the cloned victim. The hope, from the attacker's point of view, is that the contacted users simply trust and accept the friend request. By establishing a friendship relationship with the contacts of a victim, the attacker is able to access the sensitive ...
Leyla Bilge, Thorsten Strufe, Davide Balzarotti, E
Added 21 Nov 2009
Updated 21 Nov 2009
Type Conference
Year 2009
Where WWW
Authors Leyla Bilge, Thorsten Strufe, Davide Balzarotti, Engin Kirda
Comments (0)