LinkedIn Confirmation Spam
Posted by cmannon in Social Networking on May 1, 2012
A sharp-eyed colleague of mine was following his daily routine of checking his e-mail and social media updates when he came across a curious e-mail from LinkedIn. LinkedIn was requesting confirmation of his e-mail address long after he had been a contributing member of the social network. To the casual onlooker, this would appear to be a legitimate request from the social network.
There are two clues to watch for when dealing with potential spam.
1) The e-mail address. Many spammers will use misspelling of the domain in question to lure the reader into a false sense of security. This is an old spammer trick.
2) The web address that appears when hovering over the link. In this case, it was leading to a pharmacy site with a .ru extension.
To be honest, it almost fooled me and here is why.
The verbiage is completely identical. The good news is that you’ll either be drug to a pharmacy site (pun intended) where there is no threat if you close the site. OR, you’ll be treated to a ‘failure to submit’ request by LinkedIn.
Either way, whether it’s email or social media, malware writers have many avenues from which to choose. They can prey upon the ubiquity of email or the trusted nature of social media. At the end of the day, no matter what the channel, users have to be on the lookout and mind their clicks.
Somebody’s Watching Me
Posted by doates in New Internet, Public IM, Social Networking, Web 2.0 on April 29, 2012
The last couple of weeks have seen UK newspapers filled with stories over UK Government plans to expand its monitoring activities to include email and social media. The two extreme ends of the point of view being it’s either the only way to stop criminal activity or one step away from a draconian privacy invasion something a kin to 1984.
Neither extreme is accurate. Obviously the more seriously criminally minded will start to use other methods of communication that are more secure, if indeed they are not already. In a humorous look of the proposed legislation comedian and presenter of the BBC’s Friday Night comedy, Sandi Toksvig recently conjured up the image of two terrorists in balaclavas talking to each other on Skype saying “Yes, I promise you it really is me under here.” However, with the right controls, it can play a significant role in the fight against crime.
At the same time, most people don’t have time to read their own email, let alone anyone else’s. If Government was planning on checking content, which incidentally it says it is not, then it would have to be using keyword or lexicon search.
Type “bomb site:twitter.com” into Google and it is easy to see that just the profile names of tweeters alone would keep someone busy for a long time let alone the messages, so it’s clear that some intelligence would need to be applied to make searching content worthwhile. It also highlights the challenges of scale, something that defeated the Labour government in its attempt to introduce similar legislation in 2009.
Perhaps one of the key issues is that of trust. With stories of local councils using RIPA (Regulatory Investigatory Powers Act) to accuse citizens of flouting the school catchment rules, it’s no wonder many people are wary of giving any government power to see who they call or chat to over the internet. If the TV programme Spooks is to be believed, the security services already have the technology anyway and are using it to listen in to every mundane conversation, text stream and email conversation anyway so what’s the difference? This of course is a long way from reality. However, the monitoring of suspicious traffic is a logical and more importantly, justifiable part of the crime-fighters armoury and with the massive strides being made in keyword and lexicon search and identification technology, also relatively easy to implement.
It is not the ability to listen-in to me telling the world what I am having for dinner on Facebook that is the issue, but how much control is in place to ensure we know who can listen to what.
The bottom line is that the growth of social and electronic media use by the criminal fraternity is a serious threat to our national security and well-being. Last summer’s riots grew at the pace they did because of the use of technology such as Blackberry Messaging, SMS and Twitter and monitoring will allow for the police and security organisations to react quickly and effectively to protect our safety. Terrorist communications have been proven to often be in the form of cleverly coded electronic communications.
“Ah”, I hear you say, “but what about human rights?”. Well, I think we have a decision to make – either we take the view that logically, there will be far too much traffic to allow for any investigator to focus on anything other than posts, tweets and blogs that trigger alarm bells OR we do nothing and run the risk of the criminal element enjoying unparalleled freedom of communication. The real issue is one of checks and balances to ensure responsible application of regulations around monitoring.
For this reason the UK Government, and indeed the others that are bound to follow suit, must ensure that the legislation protects society, whilst also protecting the rights of the individual.
When we look at most industry regulation today, that means implementing the technology to enforce a policy, archive it and provide a full audit trail to ensure that actions are accountable and that only authorised personnel have access. This technology is available today and its use needs to be factored into any policy discussion by government
Although we will have to wait until the full plan is revealed to truly analyse the consequences, I think it is inevitable that this type of legislation will eventually come into force. We live in a world where real-time communications is the norm, it is unrealistic to expect those we look to protect us to do so without the tools to combat others that use them for nefarious activities.
How to use social media to find employment?
Posted by himanshukec in Social Networking, Web 2.0 on April 25, 2012
This weekend, I was invited by my uncle to his place. On a gorgeous Sunday morning, when I reached his place, I found him playing on his laptop. I checked out what he was doing and, not surprisingly, he had four tabs open in his Firefox browser – one each for LinkedIn, Facebook, Twitter, and Google.
On the breakfast table, we started talking about gaming, politics, religion, science, and eventually employment. My uncle took me back to the early 70s, the time when he was young and struggling to find a job. He explained to me how the world was unconnected at that time. Telegraph was the only ‘fast’ medium for communication at the time (we’re talking India here). Job-related information was rare. Only a few newspapers and a few highly educated people were up-to-date on information and with the slowly changing social scene.
After more talking, I wondered how the man who had lived through several decades and witnessed many changes, especially how the world started connecting and how the information became easily available, viewed the Internet after it turned a gigantic world into a 14” (or even smaller) color screen.
The curious man was highly fascinated by social media because it gave him a chance to further narrow down the world. He was well-versed in the use of Facebook to connect and share with the people in his life and to make new friends with similar interests. However, he also wanted to explore more: “how could social media be used for employment?”
I, being a social media researcher, then decided to explore this possibility of social media with the old fella (though young in mind due to his curiosity). We started talking about LinkedIn, the biggest professional networking site in the world. We found it to be an effective platform in building a community of similar skills and job interests. New graduates can connect to professionals, join groups, and have a fairly good chance to attract HR managers by uploading an attractive CV. But, why wait for someone to come and look for your CV? The “Jobs” feature of LinkedIn appeals to not only fresh graduates but also the experienced folks. The feature can be used not only to explore available opportunities in the market but also to provide a useful medium to post job openings. Should HR managers have any concerns, there is “Hiring Solutions’ in the same drop-down menu to ease their lives.
Looking for a specific job in your dream company? Search by the company name in the search box.
Go to the Careers page.
In looking at the options, you find one that matches your profile and then you decide to apply for the job. Is it really that simple??
If you’re in dire need of a job, go for “Job Seeker Premium” account service, which doubles your chances of getting interviews and places your resume at the top of the heap, displaying it first to HR staff. Now, it totally depends on your profile if you land an interview. That’s why the LinkedIn team keeps informing you about your profile completeness.
The addition of fields like “Profile Overview,” “Specialties,” “Work experience, ” etc., may draw more attention to you. A potentially effective way to get noticed is to have several recommendations. Want job alerts in your mail? LinkedIn does that, too, offering users flexibility to choose among the most relevant options. LinkedIn can narrow down the results for you, if you provide enough profile information that helps the site with lexicon/keyword matching, thus enhancing relevance.
“Sharing a job update” quickly notifies all your connections. The message spreads quickly among your connections, with individuals being able to directly connect to the original sender. If the user wants to publish the information, he can check the Twitter symbol nearby the “Share” button. You never know when the micro-blogging site may help you in landing a job. Indeed, the possibilities are endless.
Facebook, too, is ready to expand its professional scope. The “Subscriber” feature, just like Twitter, allows you to follow experts, celebrities, and the persons you want to hear from. A job seeker, thus, can connect with HR managers, and if there is any news of a job, he could be notified via the Facebook Homepage. In addition, HR can use the social media giant to post various job-related information to make it accessible to a broader audience. Keep in mind that people’s mindsets are different for Facebook and LinkedIn. When a person logs into his or her Facebook account, s/he is more interested in getting updates of her/his loved ones and chatting with them than searching for a career-related solution. The biggest challenge facing Facebook is changing this user mindset. “Professional Feature” is totally dedicated to providing career-related solutions. “BranchOut” sensed this and started providing Facebook users a medium to build their own career communities.
Here, users absolutely have an added advantage to include everyone they know on Facebook. They have a good chance of becoming a member of a larger community. But, the question is, “Can a mere Facebook application compete against a dedicated site?” The current answer is a big “NO”. Yes, the future is dynamic and unpredictable, but in analyzing current statistics, one can easily anticipate a big NO again. At the end of the day, all users benefit – both socially and professionally.
It was at this time when my uncle’s wife also joined us at the table. We thought it best to end the conversation and shift the focus to family matters. However, my uncle and I decided to explore the potential of social media over the coming weekend since there was still some unfinished “business.”
What to do with IM & UC management post-Quest?
Posted by SarahActiance in Enterprise IM, Public IM, Unified Communications on April 9, 2012
For those who already utilize tracking, monitoring and control solutions for IM and UC infrastructure, it can be a real blow when you find out that your solution isn’t keeping current, or doesn’t plan to in the future.
In this real-time world, ensuring that your solution maintains the security, management and compliance of these real-time solutions is key to ensuring the future of your business. So what happens when your selected solution doesn’t?
Take the announcement from Quest that Policy Authority for UC has come to end of life and end of support at the end of last year. The hard part for customers is going to be pulling the pieces back together. No doubt you’ve transitioned your entire organization onto a specific platform, now only to find that it’s not keeping up to date with industry changes, or your vendor plans to stop development.
What should you do in that situation?
First, you should identify the timing of the change. Do you have three months or 12 months? Understanding your timeline can help you prioritize your next steps.
The next step is identifying a new partner that you can work with. Here are a few things to look for:
- Customer churn: How many customers have recently left them to work with a different vendor? This can also be indicative of the type of support you may receive
- Product roadmap: Has it been a while since they’ve deployed a new version of their solution? Do they support capabilities like Group Chat? Are they compliant with Live Meeting? Do they support the new Microsoft Lync Server? What about IBM Sametime Advanced? Skype?
- Company’s primary focus: Is security merely a component of their product offerings? Or, is security, management and compliance for the new Internet their primary focus?
- Social media capabilities: Do they support the big three (Facebook, Twitter and LinkedIn)? What are the specific features for each they offer?
- Partners: Who do they work with to get their updates? Are they members of industry organizations? Do they partner with platforms so they are the most up to date with new product and feature rollouts?
Why not – if this affects you, join us on one of our webinars, and look at just how easy it is to move!
If there are any doubts in your mind or issues that arise, it’s important to take a closer look at your relationship with this partner and reconsider the engagement.
In this day and age, it’s too easy to miss one update and find your network compromised. It’s critical to partner with a company who will be dedicated to your organization’s safety and success in real time communications – and who makes it their entire business, so that you don’t have to.
Social Media Scammers – New Frontiers of Aggravation
Posted by cmannon in Application Filtering, Malware, Privacy, Social Networking, Web Security on March 28, 2012
Any veteran of social media has at one time or another put face-to-palm when they see another one of their contacts trying to distribute yet another scam through their profile. There is no escaping it. Whether it’s a third-party application that promises free coupons or a tweet promising a free iPad, illegitimate offers wanting your PII (Personally Identifiable Information) are everywhere. If this were 10 years ago, you would hear me complaining about e-mail or IM spam. Sure these spam attempts still happen, but that is broad attacks at best. E-mail or IM spam doesn’t even know your gender most of the time, let alone what demographic you may fall under. That’s what makes Social Media spam such a lucrative trade. Never before have people been so compelled to give away so much information about themselves. The content that we end up posting on social network sites is so descriptive of our personal lives that even corporations are asking for your content during the interview process.
It’s not difficult to tell if someone close to you has been hit by a spam attack. If their profile has been hijacked, then you can expect to see the same messages to several friends – always with a shortened URL link. Your best defense is to be weary of links that you receive, even if they are from trusted sources. You should also take a moment to explore what privacy settings you already have in place. The goal should be to make sure that your information is not accessible without your explicit knowledge.
You should look at all social network privacy settings, not just Facebook.
Spammers are able to find you and send targeted attacks, if you share all of your information with the open web. Any kind of application that you use to access a social network is acting as the middleman for your data. This usually means that you are allowing them access to your data in exchange for their ‘free’ service. What they do with that information after they provide their service is up to them.
The application above collects basic information. This means any information that you have made public.
Before you click that link, be more skeptical. Does this person really want to give me free money? Unfortunately, we don’t live in that kind of world. The more likely answer is that they are looking to sell your information to advertisers for other scam attempts. I could be wrong of course. A smartly-dressed woman could always show up in a diamond -crusted Bentley with $500 and a promise of a new monetary system that will work out in my favor.
If it's a new cash system, why is she holding the old cash?
Let’s use a recent scam example seen on Facebook. A common attack method on Facebook is to create a third-party application that immediately redirects the user away from Facebook. This could be as harmless as trying to build SEO tracking to a site or propagating something malicious to your PC. In this case, it’s just a scam to get more traffic to a site selling shoes. It starts as most of these scam attacks start: a buddy clicked something they should not have and now a third-party application on Facebook is posting messages as them. To make sure that their friends view the content, they tag them in a picture.
41 lucky people got a free picture of gold shoes!
Now they’ve got you on the hook. If you happen to click that link, you are navigated first to a Facebook Application page that only redirects to a site not belonging to Facebook.
The Facebook page immediately redirects the user to another site not controlled by Facebook.
Applications like this one are a dime a dozen. Facebook has been under heat in the past for allowing this kind of activity. This is an unavoidable side effect whenever you provide an open web platform for users to create their own applications. Facebook deletes the malicious ones, but they haven’t done an outstanding job of policing these in the past. In this case, the user is immediately taken to a blogger page that looks like this:
SCAM DUNK
There are a few tools that you can use in your browser to make sure your exchanges on social media are kept as private as possible. I recommend Ghostery for detecting any invisible trackers that exist on most web pages. These are usually advertisers trying to capitalize on your digital presence. Unless you intend to read a 30-page EULA describing what they are allowed to do with your data afterwards, just block it. Another useful tool is called LongURL. This allows you to see the link you are about to click. It will also help you avoid getting hit by that one friend that is always rickrolling people.
Where’s the line between private and public data?
Posted by Jae Kim in Privacy, Social Networking on March 23, 2012
In case you haven’t noticed, the line between private and public data seems to be disappearing. Traditional notions of privacy are broken down by the pervasiveness of social media. New Internet users, especially teens, use social media as their primary mode of communication. This next generation of Internet users communicate via SMS and Facebook, share photos on Instagram, and watch YouTube videos from their iPhones. Online communication and interaction is natural to them.
 |
| User education is needed on what is private and what is public and how to ensure the right option is chosen. |
However, if you look at the privacy aspects of data, there is a paradigm shift in how user data is treated. Email and instant messages are clearly personal data meant to be shared with people that we are directly communicating with. Back in the day, this would be analogous to sending a letter via the United States Postal Service and making a telephone call on a traditional landline. On the other hand, posts made on Facebook and Twitter are visible to just about anyone. When you publish a post, you don’t really know who will see it – much like tacking a piece of paper to a cafeteria bulletin board. There is no privacy.
The blurred line between public and private has led to questionable practices such as demanding Facebook passwords to screen employees or students. What today’s Internet users have to understand is that privacy is dependent upon the communication channel in use. Sending a message on Facebook (public) vs. sending an email (private) mean different things. Your intent, or expectation of privacy, should be expressed by your choice of communication medium. Yet, this is often not the case. Because users have become so accustomed to communicating via social media platforms, they forget that unless they specifically choose their audience (via blocking or setting up lists of who can see the data), what they post is in the public domain.
What’s interesting, and somewhat alarming, is that this same confusion over public and private communications is happening at the enterprise level. The line between internal communication and external communication is increasingly difficult to discern. In the age of BYOD – Bring Your Own Devices – most employees have a smartphone with LinkedIn, Facebook, or Twitter apps, among others. In fact, many individuals utilize apps that manage all of their social platforms in one handy location, such as Seesmic, or it’s too easy to confuse the line and make the mistake of sharing too much information or using the wrong medium to communicate with people. At the same time, the need for a flexible tool that supports both modes of communications with clear safety measures is that much higher.
CODiE needs your vote
Posted by nleong in Social Networking on March 22, 2012
Actiance has been on a roll of late, with the latest being that Socialite Engage has been named a CODiE award finalist for Best Content Management Solution. Also nominated as a finalist for two other awards (SC Magazine Europe’s Innovation and FSTech’s Most Innovative Product of the Year), the accolades for Socialite Engage come on the heels of its successful launch at the end of January.
Socialite Engage helps organizations protect their brand and remain compliant while still allowing their users to maintain their own voice. Users can enhance their relationships with prospects and customers through the sharing of either pre-approved or customized content and can measure the impact of such content to better refine their engagement efforts. For instance, through the tracking of key connections, users can focus on those friends or followers who are most influential in social media circles.
Already, financial institutions like Raymond James are reaping the benefits of Socialite Engage to expand the customer base and increase revenue opportunities, while allowing their advisors the flexibility to craft their own messages without compromising compliance requirements. It really is the best of both worlds – building a brand while staying compliant.
So, check us out or vote for us if you’re an SIIA member. We’d love to keep the momentum going by adding to our haul and clearly Socialite Engage deserves to win!
Leaving the Nest
Posted by nleong in Social Networking on March 5, 2012
It always seems to happen. David Lee Roth went solo after his Van Halen run. Same for Peter Gabriel, Michael Jackson, Frasier from Cheers, and the list goes on and on. Going solo is just a natural progression for many folks and entities. People grow tired of one another. Politics come into play. Or, you just need a change of scenery, like what Zynga’s doing.
Zynga’s recent announcement of its own social gaming platform is significant for a number of reasons. Revenue diversification and weaning itself from Facebook are certainly noteworthy, but of even more import is the implication that it’s the content that matters, not the platform. Why do I say this? Well, Zynga’s new platform allows gamers to log in to Zynga.com and pick up exactly where they left off if they last played, say, CityVille, on Facebook and vice versa.
This seamless experience underscores the fluidity at which social media moves. Content changes dynamically. People follow, friend, and connect on a daily basis. And accessing social media sites through an array of channels just gets easier and easier. The explosion of smartphones and iPads underscores this synergy between mobility and social media.
API. Platform. Open. These are words you’re likely to hear and read everyday when it comes to social media. However, look under the covers and the content we know and love so much (e.g., Facebook Wall, Tweets, YouTube videos, Zynga games) is the real centerpiece. All of the content and the functionality within these sites are becoming platform-independent. We can access this content from our desktops, laptops, smartphones, whatever. The MVP is the content and how we get to that content is quickly becoming an afterthought.
Take, for instance, the “influencers” in the social media world. These are the power users of social media and the ones who have the network, the credibility (most of the time), and the content that draw people to them. If they didn’t have anything worth listening to or reading, I highly doubt they’d amass such huge followings.
So, just as David Lee Roth’s life has come full circle (he’s back with Van Halen again for those of you who haven’t heard), so too has King Content. Facebook, Zynga, and their ilk may grab all the sexy headlines, but at the end of the day, old-school themes like “compelling content” still reign supreme.
Welcome back, Dave.
Belbey Blogs: Blow Your Own Horn
Posted by belbey in Social Networking on March 1, 2012
The other day, on my daily walk at 7am, I saw a beautiful new cruise ship heading up the Hudson. She was surrounded by low flying helicopters, NYPD Fire boats spraying water a hundred feet in the air, and a flotilla of small boats. Magnificent.
I was unable to read the name on the bow and kept wondering, whose ship is this? As she passed lower Manhattan, she blew her horn. Nothing unusual in that. You see, many Captains sound their horns as they pass where the Towers fell, to honor the dead. However, instead of a long mournful blast, this was the first 5 notes of “New York, New York” (My- litt-le-town-blues). My fellow walkers stopped and clapped and smiled, and yet we still wondered, whose ship is this?
And then the Captain blew her horn again. The first seven notes of “When You Wish Upon A Star” rang out across Manhattan and New Jersey. Of course! Disney. And yes, when we looked more carefully, we could see Mouse Ears on the smoke stacks.
As it turns out, Disney’s newest cruise ship, the Fantasy, was making her maiden voyage from Germany, stopping in New York City to be christened, and then heading to her new home port of Port Canaveral.
So what does this have to do with social media? Everything.
We are beginning to shift the conversation from “No, we’ll be out of compliance” to “How do we do this well?”. We’ve learned social media is just another form of electronic communications and needs to be treated as such. We’ve also learned that once we have crafted our in-house social media policies and procedures, there are technology solutions such as Actiance Socialite, that we can trust to mitigate risk and keep us in compliance.
Now’s the hard part.
As marketers, how do we integrate social media into our corporate marketing strategy? After all, it’s just another tactic at our disposal. Over time, the tactics have evolved – public relations, direct mail, telemarketing, trade shows and events, email, websites — but, we’ve learned that to be successful, each marketing effort must reflect and reinforce the personality of the corporate brand and each point of contact must be part of a cohesive strategy. At the same time, we also must take the time to understand our audience so that we can version the message so that it resonates with our customers.
That’s exactly what Disney did. Through research, they uncovered the tradition of blowing the horn while passing the site of the World Trade Center. They then versioned the message to resonate with all New Yorkers by playing “New York, New York” and then reinforced their brand with a sound that is instantaneously recognized as Disney, “When You Wish Upon a Star.” Brilliant. And entertaining.
So using this example, Disney’s integrated marketing campaign generated press coverage by creating a special event, their website highlights the new ship (http://disneycruise.disney.go.com/), they tweeted about it (@DisneyCruise), and they are running sweepstakes and sharing video of the inaugural voyage of the Fantasy on their Facebook page (Disney Cruise).
How will you integrate social media into your marketing strategy?
Belbey Blogs: Let‘s Change the Conversation
Posted by belbey in Compliance, FINRA, Social Networking on February 8, 2012
At a meeting last week with a prospective client, while we were diving into freshly baked cookies (yes, that’s right, warm cookies, I love meetings in the Midwest), a compliance professional turned to me and asked me a question about “PAC files”. Really?
At that moment, I realized that it’s time to change the conversation.
For more than 2 years, we have been discussing how to use social media while complying with the financial services rules and regulations. After all, Financial Industry Regulatory Authority (FINRA) issued its first Regulatory Notice 10-06 in January of 2010, followed by the Financial Services Authority (FSA), Financial Promotions Using Social Media, and then came Cir/ISD/1/2011 from the Securities and Exchange Board of India (SEBI), then more guidance from FINRA with Regulatory Notice 11-39 followed by Investment Industry Regulatory Organization of Canada (IIROC) issuing 11-0349, and the Securities Exchange Commission (SEC) alerts early this year, that included Investor Adviser Use of Social Media. In addition, the National Association of Insurance Commissioners is drafting The Use of Social Media in Insurance. We have even seen the Massachusetts Securities Division issue a letter to Registered Investment Advisers on the use of social media.
Fundamentally, we are reminded by all these regulators that social media is just another form of written communications, and needs to be treated as such. Existing rules around recordkeeping, suitability, advertising, and supervision are media-neutral and all apply. Content, not the device is determinative. And the regulators are only interested in business communications. With the release of each new set of guidance, there are lively conversations about how to interpret and apply some of the rules to specific features across the social networking sites, however, at this point, the message is clear, spirit of the guidance is to protect the investor.
As none of the native social networking sites have ability to support these compliance requirements, project managers, IT and Security have been having their own discussions. Third party vendors have been identified, requirements outlined, demo after demo watched, pilots launched, RFPs written and evaluated, matrixes comparing vendors developed and analyzed, budgets submitted, resources assigned and contacts negotiated. In some cases, upward of 30 people from within the enterprise have been involved in all these conversations. No wonder the compliance professional had heard about “PAC files”.
In the meantime, the lines of business, marketing departments, investor relations, human resources, research, customer service, and savvy financial advisors are chomping at the bit to start using social media to nurture existing relationships, attract new clients, build brand awareness, share information, do recruiting and conduct research. Maybe they have heard the statistics: more than 47% of Boomers use social media in some form (Forrester Research, June 2011) and the heaviest users of social media, Gen Y (ages 18-30) hold more than $2.4 trillion in personal income and by 2025 will control more than 46% of the personal wealth in the United State (Javelin Research). They want to speak to the language of their clients and prospects. Or maybe, they have heard the stories about how financial advisors are beginning to generate business. Like the advisor at a large broker-dealer who captured a new $2 million dollar account after noticing that a LinkedIn connection had retired. Or the advisor who attracted a $1 million prospect after only 96 tweets and with only 51 followers.
So now that you ensured that your firm will be in compliance with the rules and regulations and you have decided which technology solution to use, let’s change the conversation. Let’s talk about training, integrated marketing, content strategy and measurement. And how you will begin to support your Financial Advisers’ use of social media to build their business.
