FutureSoft Warns UK Of Dangers Of MySpace

XSS Attacks Becoming Rife On Social Networking Sites Says Endpoint Security Specialist

HOUSTON, TX-January 29, 2007

FutureSoft Inc., a leader in endpoint security solutions, today highlights three areas of concern for UK businesses with respect to social networking sites such as the massively popular MySpace and FaceParty. The company warns that such sites, used by over 550 million people worldwide, expose the organization to potentially more than just a bit of time-wasting.

Although the draw of social networking sites that offer an interactive, user-submitted network of friends, personal profiles, blogs, groups, photos, music and videos is attractive to many employees, they are increasingly open to attack. The three main areas of concern identified by FutureSoft are:

• Sharing Confidential Data – There is a concern that employees may share confidential company data on social networking sites. FutureSoft recommends that companies should treat them in the same way as other online media, such as email communication and IM, and include them in the company’s usage policy document.
• Libelous Statements – Employees could be drawn into making statements on a site that reflect badly on the company itself and could mean that the employee brings their employer into disrepute.
• XSS attacks – First seen in October 2005 on MySpace, cross-site scripting (XSS) is a form of attack to which social networking sites have been vulnerable, that allows code injection by malicious web users into the page viewed by the innocent employee.

“Sites that encourage user-generated content will be vulnerable to XSS attacks.  Indeed, there have been several associated with social networking sites like MySpace seen already,” comments FutureSoft Security Product Manager, Geoff Webb. “To what extent these types of sites will be used by aggressive data thieves remains to be seen, but the risk is certainly there and employers should be aware of it. If employees are regularly visiting social networking sites from within the corporate network, they may be exposing the organization to more than just a bit of time-wasting.”

Malware, such as viruses, worms, spyware and other potentially unwanted software found lurking on social networking sites can cause a wide range of problems, including theft of personal information, slower PC performance and the appearance of unwanted advertising (such as pop-up ads). The effects of malware can range from mere annoyances to significant problems that take a considerable amount of time and money to fix.

FutureSoft’s DynaComm i:scan is an application which enables enterprise administrators to find and remove spyware, adware, games, instant messaging clients, peer-to-peer file sharing tools as well as a host of other security threats, all from a central console without the need to install software directly on the end-user PC.

About FutureSoft

Founded in 1982, FutureSoft is an international software company focused on the development of Endpoint Security solutions. The DynaComm i:series product family, DynaComm i:scan and DynaComm i:mail, allows organizations to manage or eliminate a broad range of threats by providing in-depth security defense. For more information, contact Futuresoft at (800) 989-8908, (281)496-4900, send an e-mail, or visit the company’s Web site at www.futuresoft.com.

###