One thing I’ve learned from years in security is that if it makes financial sense for hackers to exploit something, eventually they will.

And social networking is not immune. According to security firm Panda, since 2008 a malicious virus called Koobface has attacked and hijacked the pages of thousands of Facebook and Twitter users, and has been so successful in attacking these sites it has spawned more than 4,000 variants.

So why target MyTwitFace? Follow the money. According to Panda, for an investment of just $1,500, hackers can purchase a program that can automatically hack into web pages and use those infected pages to generate anywhere from $21,000 to $847,000 in profits in just one month.

What they’re usually after is personal information that can be used in identity theft. So just think of the information you may already post and share that hackers could use in identity theft – information like your name, date of birth, home address, work address, current employment, employment history, mother’s maiden name, family, friends, pets, your first school, favorite teacher, vacation plans, likes and dislikes, even photos of you and everyone you know. The list is endless.

Not only are attacks and exploits very successful in harvesting tons of personal information, by getting into your social circle hackers are trying to get into your computer. Many of the exploits use email and message links supposedly from friends to divert you to web sites with malicious downloads.

Or the next birthday card or party invite from one of your circle of friends could actually download a data stealing Trojan or keylogger on to your computer on the hunt for your bank account login info.

Armed with an endless amount of personal information about you and your past – all information freely volunteered by you on your Facebook or Twitter page – how easy would it be for someone to pose as a head hunter or a long lost classmate and trick you into clicking on something?

And careless whispers could also get you into trouble at work, if you use social networking to disparage competitors, say unpleasant things about your boss or co-workers, or inadvertently reveal some private or sensitive corporate information.

The risk is so great, security firm Sophos estimates that about half of all companies in the U.S.  block some or all access to social networking sites because of security fears.

And even Twitter itself is not immune. Twitter has suffered an embarrassing string of hacks and breaches in just the last few months, the most recent involving the email account of Twitter’s own CEO. Apparently hackers found that server admin passwords, essentially the keys to the kingdom of Twitter, included easy-to-guess words like “happiness” and even, can you believe it, “password.”

Years ago I worked in an industry where telephone eavesdropping was very common, and most of the phones I used had warning stickers that cautioned users to “Mind what you say!”

Different times, different technology, but the same rules.

Related posts:

1. When a Stranger Comes Calling: Why Social Networking Could Be Fueling a New Era of Digital Burglars For today’s digital criminal, whose bread and butter is information...

Related posts brought to you by Yet Another Related Posts Plugin.