1. Field of the Invention
This invention pertains in general to security management for social networking websites, and more specifically to detecting malicious social networking profiles.
2. Description of the Related Art
Social networking services have opened up many new avenues to building social networks by allowing users to share information online and connect with a wide range of different users. Social networking services, such as FACEBOOK®, MYSPACE®, and LINKEDIN®, maintain profiles created by users of the service. A user's profile allows other users to learn about the user and communicate with the user. A user's profile includes, for example, information about the user, pictures posted by the user, a listing of the user's friends, and comments posted by users. The amount and types of information that can be shared in these social networking environments is vast.
Malicious entities have taken advantage of the resources of social networking services and have created malicious profiles. A malicious profile is created by a malicious entity with the purpose of deceiving users that access the profile. A malicious profile looks like a normal profile (e.g., a user profile), but in reality it is an image of a normal profile and the image is a hyperlink.
When a user accesses the malicious profile and clicks anywhere on the image, the hyperlink causes the user to be directed to the malicious entity's website or another website that is on a different domain than that of the social networking service's website. The website may contain content that the user is not interested in and/or content the user is not suppose to be looking at (e.g., pornographic content). The website may also try to obtain personal information from the user, such as social security number and credit card numbers. Accordingly, there is a need in the art for ways to detect malicious profiles.