Analysis of typical attacks conducted on social networking systems, including the password mechanisms
Online social networks have changed the way people interact, allowing them to stay in touch with their acquaintances, reconnect with old friends, and establish new relationships with other people based on hobbies, interests, and friendship circles. Unfortunately, the regrettable concurrence of the users’ carefree attitude in sharing information, the often sub-par security measures from the part of the system operators and, eventually, the high value of the published information make online social networks an interesting target for crackers and scammers alike. The information contained can be used to trigger attacks to even more sensible targets and the ultimate goal of sociability shared by the users allows sophisticated forms of social engineering inside the system. This work reviews some typical social attacks that are conducted on social networking systems, carrying real-world examples of such violations and analysing in particular the weakness of password mechanisms. It then presents some solutions that could improve the overall security of the systems.