Lately a lot of my friends’ Facebook accounts have been hacked and I’ve been getting stupid emails from whoever has hacked their account with links to who knows what (of course I don’t click on the links).
But the more important issue here, is that even if a social network has good privacy controls, and I maintain my own account securely, my information is only as secure as those accounts with whom I share it with. That’s not good.
Is there a fix for this? I imagine that my friends’ accounts were hacked using some sort of phishing scam and unfortunately those are pretty hard to defend against. However, seeing how Facebook makes it easy to “stay logged” in, perhaps they should use a two stage login process like banks do, and display a picture or a phrase chosen by the user to prove that they are really logging into Facebook and not an imposter site designed to snatch up credentials.
My gut is now telling me that fly-by-night website imposters are going to become more and more prevalant, and as such, DNS is going to become very very important!