A Mitigation Approach to the Privacy and Malware Threats of Social Network Services

In the past few years, there has been a substantial growth in the number of users who employ social network services (SNS) for communicating and sharing information with their friends. Notwithstanding many plus points of SNSs, they have some drawbacks which can be potentially misused by perpetrators for their destructive goals. Owing to a massive amount of personal data stored and exchanged on SNSs and the simplicity of gaining access to the vast majority of data using illegitimate methods like social engineering techniques, these services are highly vulnerable to privacy intrusion threats. Moreover, the tremendous number of users of SNSs and a variety of communication features provided by these services, make SNSs as a suitable target for virus authors to employ them for infecting users’ machines. This paper investigates threats, vulnerabilities, and risks that endanger privacy of SNS users. It also encompasses techniques used by cybercriminals for propagating malicious software (malware) and launching attacks against victims’ machines through these services. The paper eventually presents a set of recommendations to eliminate or mitigate the privacy and malware risks of SNS.