MANILA, Philippines -- With millions of people using social networking sites, these virtual communities have become viable targets for cybercriminals.
The number of features being added in these websites, particularly Facebook, could open potential holes for cybercriminals to exploit, thus providing opportunity for identity theft.
Executives from software security firm Symantec warn that while the numbers of threats remain minimal in social networking communities, there is still a huge opportunity for cybercriminals.
"Social networking services or SNS revolves around the trust given by one member to his or her group of friends. The idea that a person can exploit other "friends" in their community is unfathomable but that is exactly what cybercriminals are banking on,? said Symantec Asia Pacific consumer vice president David Freer.
?It is social engineering,? noted Freer, who visited Manila recently along with other Symantec officials.
In several studies conducted by Symantec, cybercriminals have evolved from being ordinary college hackers into sophisticated businesses operating within an illegal and underground economy.
Freer said that in the last three years, there has been an explosion of Internet threats, most of which target specific users with credit card details or relevant personal information that can be exploited for further use.
In mid-2009 alone, there had been 1.3 million known online threats found, more than half of last year's record. Social networking sites give cybercriminals a new platform from which to put their applications.
Likewise, Freer said malicious software have also evolved and that traditional virus signatures are being circumvented by the use of unknown codes that infect and embed themselves in some websites.
Freer noted that some Internet users may not be able to identify these malware and are unknowingly spreading it through social networking sites.
"There are at least four cybercrimes happening every second. Every one in five people are victims of some form of cybercrime," Freer said.
Freer also noted that even with a huge number of attacks online, weak government legislation remains one reason for lack of prosecution of known cybercriminals.
Freer likened the current lack of internationally followed anti-cybercrime law to the history of the anti-drug campaign. "It took years for lawmakers to create a law that is followed in other countries,? he said.
Meanwhile, Symantec Asia Pacific Regional Product Manager David Hall said that one of the best weapons used against organized cybercrime is to have their own organized anti-malware group.
Symantec's Norton Community Watch is composed of around 35 million Norton users worldwide.
The concept of this community is that the members' computers report the presence of suspicious software activities, report them to a central server, verified for content, and then report this to other members. This reduces the need for a few users to serve as "sacrificial lambs" in order to identify the presence of malware.
Essentially, it follows the same concept as social networking.
"You have to turn the tables against cybercriminals by using other malware watchers to protect each other," Hall said.