Exposing users' identity through social network groups

LSS-NEWS-2010-006

A group of researchers have discovered a simple way to reveal the identity of a user based on his interactions with social networks (such as Facebook).

The 'deanonymization' attack uses a combination of social network groups and some traditional browser history-stealing tactics. History stealing is a group of techniques that lets an attacker peek at a user's URL browsing history and so see the list of social network groups the user has visited. The researchers say the attack succeeds because every user has a unique group fingerprint. However, successful execution requires the user to visit a malicious website that contains the attack code. Criminals could use it to carry out phishing attacks, a criminally fraudulent process of attempting to acquire sensitive information. Some methods of protection include turning off browsing history or using private-browsing mode. Also, social networks should change the way their web applications use hyperlinks to transfer information. The original article was published on the DarkREADING web site.
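The "unique group fingerprint" claim can be measured from the defender's side. The following is an added example, not code from the original article or from the researchers: it uses constructed membership data and hypothetical function names to compute, for each user, how many accounts belong to every group that user belongs to. A result of 1 means the group list alone singles that user out.

```python
from collections import defaultdict

# Constructed sample data (not real accounts): user -> groups joined.
MEMBERSHIPS = {
    "alice": {"chess", "hiking", "infosec"},
    "bob": {"chess", "hiking"},
    "carol": {"chess"},
    "dave": {"chess"},
    "erin": {"hiking", "infosec"},
}


def group_members(memberships):
    """Invert user -> groups into group -> set of member users."""
    members = defaultdict(set)
    for user, groups in memberships.items():
        for group in groups:
            members[group].add(user)
    return members


def anonymity_set(memberships, observed_groups):
    """Users who are members of every group in observed_groups.

    An empty observation reveals nothing, so every user remains a candidate.
    A group nobody belongs to yields an empty candidate set.
    """
    members = group_members(memberships)
    candidates = set(memberships)
    for group in observed_groups:
        candidates &= members.get(group, set())
    return candidates


def audit(memberships):
    """Anonymity-set size per user if their full group list became known."""
    return {
        user: len(anonymity_set(memberships, groups))
        for user, groups in memberships.items()
    }


def uniquely_identifiable(memberships):
    """Users whose group list matches no other account (set size 1)."""
    return sorted(u for u, size in audit(memberships).items() if size == 1)


if __name__ == "__main__":
    for user, size in sorted(audit(MEMBERSHIPS).items()):
        print(f"{user}: anonymity set of {size}")
    print("uniquely identifiable:", uniquely_identifiable(MEMBERSHIPS))
```

In this sample, joining a third group drops alice's anonymity set to one account, while carol and dave, who share only a large group, stay hidden among four.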