The present invention relates to social networks and, more particularly, to a method and system for detecting that a user's account on the social network has been hijacked.
As modern society expands its human interactions through social networks on the Internet, and a new generation becomes reliant on these interactions, it is clear that protecting one's identity in these social networks is becoming a crucial task. Many have a growing interest in abusing others' identities in social networks. These interests are not new, but are easier to achieve through the viral effect that social networks provide.
The abusers do their best to take control of innocent users' accounts. Once that control is obtained, the abusers are able to spam more users, infect computers with malware, misuse the stolen accounts to steal money or virtual goods, or just harm the users' reputations. Usually the abuse includes at least one link to an external website which lures more users to give away their account credentials (phishing).
When a person hijacks the credentials of another user, s/he may decide to “steal” the account by resetting the password, an action that will prevent the real user from accessing his/her account until s/he resets his/her password. However, it is more effective to abuse the user's account without resetting his/her password. This way, the hijacker can use the account for a long period of time, sometimes even for months, without the user's awareness that his/her account has been hijacked. The abuse will end when the real user realizes that his/her account contains changes that were not made by him/her, and only if s/he is knowledgeable enough to reset his/her password. Many users don't have this knowledge, and when they notice that spam or undesired content has been sent from their accounts, they ignore the problem without resetting their passwords.
The potential damage that users may suffer when they fall victim to account hijacking is significant. Their privacy and reputation are at high risk. Therefore, if an automatic way can be found to detect scenarios of hijacked accounts in close to real time, and to alert the victims, reputation damage can be reduced, the breach in their privacy can be minimized, and the viral spread of incidents of account hijacking can be slowed down.