Study finds many will give out personal info or confidential business data to a stranger they meet online

IT security workers oblivious to social networking risks

Most social network users are likely to accept a friend request from someone they don’t know, including many that work in the IT security sector, researchers have found.

Security software firm BitDefender took a cross-section of 2,000 users of a leading social networking site and found that 94 per cent accepted a friend request from an ‘attractive young lady’, with many sharing personal details with her, despite not knowing who she was.

31 per cent of those who accepted, bizarrely, worked in IT security, and were also the most likely to share personal data with the mystery female.

After a half hour conversation, 10 per cent of them disclosed information usually associated as answers to password recovery questions, such as their address, phone number and parents’ names. Two hours later, 73 per cent siphoned what appeared to be confidential information from their workplace, such as future strategies, plans and unreleased technologies or software.

“What is most intriguing is the fact that what people will probably never do in a face-to-face real-life situation is blatantly happening under the shelter of an alleged invisibility or anonymity that social networking can induce,” said Sabina Datcu, BitDefender’s e-threat analysis and communication specialist, who led the experiment.

“The reaction of IT security employees when confronted with possible privacy threats such as those described in the experiment, to some extent contradicts the general attitude towards such issues, as almost all security companies stress the risks associated with social networks.”

Over all, 53 per cent said they accepted the friend request because the woman had a ‘lovely face’, and only 13 per cent asked if they had met the woman before.

Check Also

Kaspersky reveals phishing emails that employees find most confusing

According to estimates, 91% of all cyberattacks begin with a phishing email, and phishing techniques are …