The popularity of social media and some of the latest mobile devices poses risks to companies, especially those that allow their employees to use these latest trends by tapping the enterprise network.
A recent cyber security bulletin noted that enterprises are increasingly targeted by cyber criminals who are attacking users of mobile devices and social media.
The mid-year cyber-threat intelligence bulletin by SonicWall noted an increase in malware targeting Android-based mobile devices and scams on social media websites.
The SonicWall bulletin, which derives information from its global resource network, noted that while cyber criminals have found ways to attack mobile devices on any platform, the growth of the Android market has made it vulnerable to rogue applications.
Cyber criminals trick mobile users by using long URLs which are usually truncated because of the small screens of mobile devices. Users are then tricked into opening links thinking they are trusted sites. The favourite applications to launch these attacks are the Apple Safari and Adobe Reader running on multiple operating systems.
SonicWall said Google, which purchased the original Android software developer, is actively removing these rogue applications, though some threats remain.
On social media, SonicWall also noted scams such as click-jacking on Facebook and malicious links sent over Twitter. SonicWall said these threats are "creating new and heightened levels of business vulnerability from data intrusion, theft and loss."
"Cyber criminals are focusing their attention on penetrating corporate networks and data through mobile workflow and applications. Employees innocently surfing dating sites via a mobile device or PC, that are in fact fake sites, or clicking on offers on Facebook such as a free McDonald's meal that are click-jacking scams, can have a catastrophic impact on data security, business continuity and profitability," said Ang Chye Hin, regional director for ASEAN, SonicWALL.
Social media lifestyle
"As social media has become part of the fabric of social and work-life, constant access to sites by employees from the corporate network is creating new levels of vulnerability," the bulletin read.
Click-jacking involves leading users to fake websites on surveys and other rogue applications through which confidential information is collected. On Twitter, messages with shortened malicious links can be activated simply by hovering over the links.
The bulletin compiled data from the SonicWall Global Response Intelligence Defense (GRID) Network, a global resource which gathers, analyses and correlates dynamic, real-time global cyber threats.
Data gathered further revealed that developed countries, such as the US and Canada, are most heavily hit by cyber threats. Other countries in the Asia Pacific region which made it to the list of top 10 countries most hit in the last 10 months include Taiwan, China, India and South Korea.
Sign up for Computerworld eNewsletters.