Thursday, December 27, 2012
Using SNA to assess the potential success of a angel or venture capital investment
Venture capitalists and business angels often form "alliances" or syndicates to invest in start-up companies.
The goal of the research:
Analyse how a pool of investors is interconnected (social connections and collaborative connections) and identify patterns between the density of the network, closeness of investments (same industry / ...), and success of investments, and does a network of investors with a high density affect companies creations in a specific area?
Furthermore, is a well connected network of a company's investors correlated with successful growth or exits?
This research could also provide a tool to measure one's own distance from an attractive "clique" of investors and thus finding an appropriate way to more easily access capital for startup founders.
Attributes needed:
-Is the person a Business angel or VC?
-# of successful exits the investor made
-# of deals the investor made
-Name of companies invested in
-Target industries
-Region.
For the collaborative connections between investors, ie those that have coinvested in a same company, various databases exist for venture capital companies and individuals that disclose names of the target companies, amounts invested, exits.
For angel investors, there are a lot of country-wide networks that disclose name of the members, but investments are not disclosed. It is therefore needed to survey these investors with a questionnaire.
For the social connections between investors, a rough research could be done over internet social networks such as linkedin and twitter to assess if they are 1.connected (linkedin connections / follower-following) 2.one way or two ways (has "tweeted" but didn't receive a reply ...) which can also be a proxy for the strength of the connection.
It would however be a first step for a more detailed analysis which can only be pursued with questionnaires and extensive research.
Wednesday, December 26, 2012
2012 Social Network Analysis Report – Demographic – Geographic and Search Data Revealed
http://www.ignitesocialmedia.com/social-media-stats/2012-social-network-analysis-report/
The Future of Social Networks as Interpreted by 21 Social Media Practitioners
http://www.ignitesocialmedia.com/social-networks/the-future-of-social-networks-2012/
Saturday, December 22, 2012
2013 Digital and Social Marketing Emerging Trends
With the new year just around the corner, here are some new new trends for 2013.
Digital Marketing Trend Projections for 2013
Change is constant and in the digital marketing arena this is only accelerated. As we approach 2013, it’s worthwhile for businesses to look ahead and consider emerging tech trends that could benefit their business.
Here’s a roundup on some key emerging trends:
Social Media Marketing Goes Mainstream
Social media marketing gained an exceptional amount of steam in 2012, as parties ranging in size from international brands to local businesses jockeyed to start (or grow) their efforts and social presence. As 2013 looms, social media marketing is set to become a top priority marketing tactic. Businesses recognize that social networks are where their targeted customers are spending huge amounts of time. With this knowledge, prepare to see marketers shift their dollars to the social arena, in order to best reach new customers and grow existing customer loyalty.
Consumers Become the Marketer
With changes in search engine ranking algorithms by Google, and the rise of social media, the shift from SEO link building to online content marketing will grow. Digital marketers have said that “content is king” for what seems like ages, but a new trend is emerging where both king and queen tango — and the queen is consumer engagement multiplication. Great content is always necessary, but the need and potential of engaging consumer messengers moves to the forefront in the year ahead. Consumer messengers are influencers who have the ability through their social sharing to take content messages to their own networks and to the masses, greatly extending the reach of brand marketing efforts.
Gaming Goes Mainstream
The rise of gamification, rewards as part of participating, will become more mainstream. Gaming isn’t new, of course, and it’s been an end in itself where in-game purchases are made of marketed products. In 2013, though, game strategies will extend further into the everyday marketing sector as a significant strategy, not just within the online game industry. Tools for social networks that have a game component – and that incentivize social sharing as part of the promotions – will be on the rise as research shows consumers respond to them.
Cross-Social Network Promotions
Social marketing promotions will reach across platforms, bringing two or more social networks into play during a promotion. Instead of relying just on Facebook, promotions will grow by incorporating additional social networks intertwined in a promotion. We’re already seeing promotions that are based on a Facebook page, but require a Pinterest, Twitter, or Instagram-integrated component as part of the entry and participation process.
Rise of SoLoMo Opportunities
SoLoMo, the intersection of social, local, and mobile marketing efforts, will hit the mainstream. Tools to offer location-based specials will be widely available. While in-store, businesses can utilize QR codes and signage to drive users to their social sites for further connection.
The evolution of digital marketing continues, and the savviest marketers have already benefited from recognizing consumers’ eagerness to share content on social media; interact with their preferred brands; and receive rewards for sharing marketing messages. The trends outlined here are no longer experimental — they are gaining steam so plan ahead to get your business in the mix!
Thursday, December 20, 2012
The Ultimate Timeline Of Social Networks, 1960-2012
It's nice to have some idea howsocial networks developed. Just take this as a supplementary reading. Hope it's not too late:)
http://www.mediabistro.com/alltwitter/social-networks-timeline_b19497
http://www.mediabistro.com/alltwitter/social-networks-timeline_b19497
Recruiting, Reinvented: How Companies Are Using Social Media In The Hiring Process
Employers use social media to screen job candidates. Maintain your information on line from time to time, engage in communities you are interested as they also became one important reference for employers nowadays.
The links below would give us a better idea on how employers would use this information to pick up people.
http://www.forbes.com/sites/lisaquast/2012/05/21/recruiting-reinvented-how-companies-are-using-social-media-in-the-hiring-process/
Background of the interviewee: Chirag Nangia, CEO of Reppify, a San Francisco-based business that uses integrated social media data to help companies find the right hires.
The links below would give us a better idea on how employers would use this information to pick up people.
http://www.forbes.com/sites/lisaquast/2012/05/21/recruiting-reinvented-how-companies-are-using-social-media-in-the-hiring-process/
Background of the interviewee: Chirag Nangia, CEO of Reppify, a San Francisco-based business that uses integrated social media data to help companies find the right hires.
Social Network Analysis Presentation
This is interesting YouTube video presentation on social networking analysis in "action" based on Enron case which we briefly discussed during our class.
Also a good brief recap of things we have learned during the lecture.
Also a good brief recap of things we have learned during the lecture.
NetworkEffect - Transform your Social Network into your Professional Network
Check out this tool called Network Effect!
NetworkEffect - Transform your Social Network into your Professional Network
Connect to companies through your friends and build your professional network
http://www.networkeffect.com/home#_=_
It turns your Facebook into Professional Network.... Interesting. I think they have also SNA tools running on background to do it. It's sort of competitor to LinkedIn
This may be useful tool for some of us to look for job opportunities before graduation ;)
What are network effects?
What are network effects?
A product displays positive network effects when more usage of the product by any user increases the product's value for otherusers (and sometimes all users). While formally different from and a more general concept than network externalities, much of the theory underlying network effects was developed to study network externalities, and the two terms are still used interchangeably. You can get a clear overview of the differences between the two concepts by reading Stan Liebowitz's Network Externalities (Effects). Other terms that refer to the same (or related) effects include positive externalities and demand-side economies of scale. Surveys of research on the economics of network effects can be found in Economides 1996 and Farrell and Klemperer 2001.
How common are network effects?
Network effects were first studied in the context of long-distance telephony in the early 1970's (one of the earliest papers on the topic is Rohlfs 1974). Today, they are widely recognized as a critical aspect of the industrial organization of IT industries, and are prevalent in a wide variety of sectors, including software, microprocessors, telecommunications, e-commerce and electronic marketplaces. Empirical evidence of network effects has been found in product categories as diverse as spreadsheets (Brynjolfsson and Kemerer 1996), databases (Gandal 1995), networking equipment (Forman 2001) and DVD players (Dranove and Gandal 2003)
A closer look at network effects
There are a more complex and subtle set of economics issues that may underly this simple characterization of network effects. A brief outline of some of them:
Direct network effects: The simplest network effects are direct: increases in usage lead to direct increases in value. The original example of telephone service is a good illustration of a product that displays direct network effects. This is the kind of network effect modeled by most work in this area, including the papers by Katz and Shapiro 1985 and Farrell and Saloner 1985, which many academics consider the most influential.
Indirect network effects: Network effects may also be indirect, where increased in usage of the product spawns the production of increasingly valuable complementary goods, and this results in an increase in the value of the original product. For instance, while there are some direct network effects associated with Windows (arising out of file compatibility), the indirect network effects that arise from the increased quality and availablity of complementary applications software are probably much more important. Economides and Salop 1992 provided one of the earliest frameworks and insight into the economics of indirect network effects; an interesting recent paper by Church, Gandal and Krause argues that indirect network effects also give rise to adoption externalities.
Two-sided network effects: Network effects can also be two-sided: increases in usage by one set of users increases the value of a complementary product to another distinct set of users, and vice versa. Both Rochet and Tirole 2001 and Armstrong 2002 provide accessible and clearly explained overviews. Hardware/software platforms, reader/writer software pairs, marketplaces and matching services display this kind of network effects. In many cases, one may think of indirect network effects as a one-directional version of two-sided network effects.
Local network effects: The microstructure of an underlying network of connections often influences how much network effects matter. For example, a good displays local network effects when rather than being influenced by an increase in the size of a product's user base in general, each consumer is influenced directly by the decisions of only a typically small subset of other consumers, for instance those he or she is "connected" to via an underlying social or business network (instant messaging is a great example of a product that displays local network effects). The extent of clustering in the network as well as the extent of information each customer possesses may become relevant in this context.
Here's an early paper that studied local network effects and complex network structure. There is now a growing literature studying more general network games. These new models draw actively from the 'science of networks', and a good place to start understanding this is by reading Mark Newman's remarkable survey on the structure and function of complex networks.
Compatibility and standards: In order for IT products to derive the benefits of network effects from each other, they need to be compatible. This often poses strategic trade-offs for firms, between the performance and backward-compatibility of evolving product lines, and between openness and control of core technologies. Moreover, ensuring the evolution of shared technology standards is critical in network industries, which can be difficult when competing technology firms each want their R&D to be well-represented.Shapiro and Varian's book have very insightful material on these issues; an interesting recent formal model of standard-setting is provided by Farrell 1996
A few economic consequences
When increases in usage cause an increase in value across all users, this creates a form of increasing returns, which changes the nature of competition substantially. Theories of competition in network industries emphasize the path dependence of outcomes, and suggest that early leads are important, intrinsically inferior products will frequently dominate superior products, and influencing customer expectations plays a crucial role in 'winning' in a network market. Brian Arthur's papers are particularly instructive on some of these issues.
These increasing returns often lead to an equilibrium in which a single firm or product dominates an industry segment. Witness Microsoft's near-total control over the office productivity and US desktop operating systems market, and the substantial profits they are able to generate from these product lines (combined operating income of over a billion dollars a month). Whether or not this is an efficient outcome was one of the secondary points of discussion in the recent Microsoft antitrust trial, and interesting perspectives were provided by, among others, Franklin Fisher, Richard Schmalensee and Nicholas Economides. Some of this discussion suggests that due to the persistent threat of entry, the equilibrium market structure of a network industry is often entry-deterring (rather than unfettered) monopoly, with the installed base of users serving as the deterrent; this idea has been modeled formally in Fudenberg and Tirole 2000; the effects of an entry threat on a network monopolist's ability to price-discriminate is studied in Sundararajan 2003.
Selected other links that I've found both interesting and useful
Brian Arthur's papers: Some of his widely read papers on increasing returns, path dependence and technological lock-in when firms compete in markets with network effects (and related characteristics).
The Economics of Networks: Nicholas Economides' site dedicated to network economics, the Microsoft case, telecommunications policy and related subjects. A remarkable collection of links to research papers on the subject.
Stan Liebowitz's page: Lots of information and links, as well as information about his books. If you're relatively new to the subject of network effects, I highly recommend his article Network externalities (effects)
The structure and function of complex networks: A great survey of the 'science of networks', covering topics that include random graphs, an excellent basis for modeling the structure and dynamics of networks, economic or otherwise. Written by Mark Newman, who is pretty prolific on the topic. Other interesting sites along the same lines include the Linked page and resources onscale-free and small-world networks from the International Network for Social Network Analysis.
The Tipping Point: Malcolm Gladwell's book about the dynamics of epidemics and related social phenomena. For anyone interested in delving deeper into the structural and dynamic aspects of network economics, reading this book is bound to generate ideas.
A product displays positive network effects when more usage of the product by any user increases the product's value for otherusers (and sometimes all users). While formally different from and a more general concept than network externalities, much of the theory underlying network effects was developed to study network externalities, and the two terms are still used interchangeably. You can get a clear overview of the differences between the two concepts by reading Stan Liebowitz's Network Externalities (Effects). Other terms that refer to the same (or related) effects include positive externalities and demand-side economies of scale. Surveys of research on the economics of network effects can be found in Economides 1996 and Farrell and Klemperer 2001.
How common are network effects?
Network effects were first studied in the context of long-distance telephony in the early 1970's (one of the earliest papers on the topic is Rohlfs 1974). Today, they are widely recognized as a critical aspect of the industrial organization of IT industries, and are prevalent in a wide variety of sectors, including software, microprocessors, telecommunications, e-commerce and electronic marketplaces. Empirical evidence of network effects has been found in product categories as diverse as spreadsheets (Brynjolfsson and Kemerer 1996), databases (Gandal 1995), networking equipment (Forman 2001) and DVD players (Dranove and Gandal 2003)
A closer look at network effects
There are a more complex and subtle set of economics issues that may underly this simple characterization of network effects. A brief outline of some of them:
Here's an early paper that studied local network effects and complex network structure. There is now a growing literature studying more general network games. These new models draw actively from the 'science of networks', and a good place to start understanding this is by reading Mark Newman's remarkable survey on the structure and function of complex networks.
A few economic consequences
When increases in usage cause an increase in value across all users, this creates a form of increasing returns, which changes the nature of competition substantially. Theories of competition in network industries emphasize the path dependence of outcomes, and suggest that early leads are important, intrinsically inferior products will frequently dominate superior products, and influencing customer expectations plays a crucial role in 'winning' in a network market. Brian Arthur's papers are particularly instructive on some of these issues.
These increasing returns often lead to an equilibrium in which a single firm or product dominates an industry segment. Witness Microsoft's near-total control over the office productivity and US desktop operating systems market, and the substantial profits they are able to generate from these product lines (combined operating income of over a billion dollars a month). Whether or not this is an efficient outcome was one of the secondary points of discussion in the recent Microsoft antitrust trial, and interesting perspectives were provided by, among others, Franklin Fisher, Richard Schmalensee and Nicholas Economides. Some of this discussion suggests that due to the persistent threat of entry, the equilibrium market structure of a network industry is often entry-deterring (rather than unfettered) monopoly, with the installed base of users serving as the deterrent; this idea has been modeled formally in Fudenberg and Tirole 2000; the effects of an entry threat on a network monopolist's ability to price-discriminate is studied in Sundararajan 2003.
Selected other links that I've found both interesting and useful
I was making my strategic management assignment on LinkedIn company. During research I have found this interesting article from NYU Stern (which I visited in March 2012). Quite interesting to see how network effect is affecting economics and business. SNA therefore is a great tool to exploit Network Effect possibilities.
Link to resource for educational purposes:
http://oz.stern.nyu.edu/io/network.html
Monday, December 17, 2012
Massive-scale online collaboration and its application
Do you know Captchas? These awful and most of the times somewhat unreadable combinations of numbers and/or letters you are asked to enter on some web sites in order to verify that you are actually a human being and not a robot or malware program? If the answer to that question is "yes", then you might also have been struck by the thought that every time you enter these characters a small part of your valuable life time is just wasted. But it is not.
Did you know, that you are actually helping to digitize books and other content by entering these captchas? Through massive scale online cooperation we are all contributing a little bit to the digitization of human knowledge. Also, by using the free online language learning web site Duolingo people are not just improving their abilities in speaking a foreign language but they are also helping to translate web content (e.g. Wikipedia articles) from one language to another supporting the sharing of knowledge across language boundaries. Awesome!
If you are interested I suggest you watch this very inspiring TED talk about this topic here:
Did you know, that you are actually helping to digitize books and other content by entering these captchas? Through massive scale online cooperation we are all contributing a little bit to the digitization of human knowledge. Also, by using the free online language learning web site Duolingo people are not just improving their abilities in speaking a foreign language but they are also helping to translate web content (e.g. Wikipedia articles) from one language to another supporting the sharing of knowledge across language boundaries. Awesome!
If you are interested I suggest you watch this very inspiring TED talk about this topic here:
Luis von Ahn: Massive-scale online collaboration
Internet Social Networking Risks
By Huizhen Xu (M13)
Social Network is and will continuely revolutionize business interactions, just like internet did on business a decade ago. However, internet-based social networking will also cause risks, which we need to take care about. Since we will not abandon the access of social network because of the potential risks, an important issue could be how to reduce the risks to the minimum range.
The following passage from FBI may be useful and quite practical in that it not only tell us how to identify those "tricks", but also how to prevent.
Here is the passage:
Internet Social Networking Risks
By FBI
(Source: http://www.fbi.gov/about-us/investigate/counterintelligence/internet-social-networking-risks)
Internet-based social networking sites have created a revolution in social connectivity. However, con artists, criminals, and other dishonest actors are exploiting this capability for nefarious purposes.
There are primarily two tactics used to exploit online social networks. In practice, they are often combined.
1. Computer savvy hackers who specialize in writing and manipulating computer code to gain access or install unwanted software on your computer or phone.
2. Social or human hackers who specialize in exploiting personal connections through social networks. Social hackers, sometimes referred to as “social engineers,” manipulate people through social interactions (in person, over the phone, or in writing).
Humans are a weak link in cyber security, and hackers and social manipulators know this. They try to trick people into getting past security walls. They design their actions to appear harmless and legitimate.
Falling for an online scam or computer hack could be damaging for an individual victim as well as the organization the victim works for. Such risks include:
Vulnerability of Social Networking Sites
Social networking sites are Internet-based services that allow people to communicate and share information with a group.
Risks:
Once information is posted to a social networking site, it is no longer private. The more information you post, the more vulnerable you may become. Even when using high security settings, friends or websites may inadvertently leak your information.
Personal information you share could be used to conduct attacks against you or your associates. The more information shared, the more likely someone could impersonate you and trick one of your friends into sharing personal information, downloading malware, or providing access to restricted sites.
Predators, hackers, business competitors, and foreign state actors troll social networking sites looking for information or people to target for exploitation.
Information gleaned from social networking sites may be used to design a specific attack that does not come by way of the social networking site.
Tactics:
Baiting - Someone gives you a USB drive or other electronic media that is preloaded with malware in the hope you will use the device and enable them to hack your computer.
Do not use any electronic storage device unless you know its origin is legitimate and safe. Scan all electronic media for viruses before use.
Click-jacking - Concealing hyperlinks beneath legitimate clickable content which, when clicked, causes a user to unknowingly perform actions, such as downloading malware, or sending your ID to a site. Numerous click-jacking scams have employed “Like” and “Share” buttons on social networking sites. Disable scripting and iframes in whatever Internet browser you use. Research other ways to set your browser options to maximize security.
Cross-Site Scripting (XSS) - Malicious code is injected into a benign or trusted website. A Stored XSS Attack is when malicious code is permanently stored on a server; a computer is compromised when requesting the stored data. A Reflected XSS Attack is when a person is tricked into clicking on a malicious link; the injected code travels to the server then reflects the attack back to the victim’s browser. The computer deems the code is from a “trusted” source.
Turn off “HTTP TRACE” support on all webservers. Research additional ways to prevent becoming a victim of XSS.
Doxing - Publicly releasing a person’s identifying information including full name, date of birth, address, and pictures typically retrieved from social networking site profiles.
Be careful what information you share about yourself, family, and friends (online, in print, and in person).
Elicitation - The strategic use of conversation to extract information from people without giving them the feeling they are being interrogated. Be aware of elicitation tactics and the way social engineers try to obtain personal information.
Pharming - Redirecting users from legitimate websites to fraudulent ones for the purpose of extracting confidential data. (E.g.: mimicking bank websites.)
Watch out for website URLs that use variations in spelling or domain names, or use “.com” instead of “.gov”, for example. Type a website’s address rather than clicking on a link.
Example:
Most computer infections come from websites. Just visiting a website can expose your computer to malware even if you do not download a file or program. Often legitimate sites may be unknowingly infected. Websites with information on popular celebrities or current sensational news items are frequently hijacked by criminals, or criminals may create such websites to lure victims to them.
Phishing - Usually an email that looks like it is from a legitimate organization or person, but is not and contains a link or file with malware. Phishing attacks typically try to snag any random victim. Spear phishing attacks target a specific person or organization as their intended victim.
Do not open email or email attachments or click on links sent from people you do not know. If you receive a suspicious email from someone you know, ask them about it before opening it.
Example:
In March 2011, hackers sent two spear phishing emails to a small group of employees at security firm, RSA. They only needed one employee to open an infected file and launch the malware. The malware downloaded information from RSA that then helped the hackers learn how to defeat RSA’s security token. In May and June 2011, a number of defense contractors’ networks were breached via the compromised RSA token.
Phreaking - Gaining unauthorized access to telecommunication systems.
Do not provide secure phone numbers that provide direct access to a Private Branch Exchange or through the Public Branch Exchange to the public phone network.
Scams - Fake deals that trick people into providing money, information, or service in exchange for the deal.
If it sounds too good to be true, it is most likely a scam. Cybercriminals use popular events and news stories as bait for people to open infected email, visit infected websites, or donate money to bogus charities.
Example:
Before the 2010 World Cup, cybercriminals offered tickets for sale or sent phishing emails claiming you won tickets to see the event.
After the death of Osama Bin Laden, a video claiming to show Bin Laden’s capture was posted on Facebook. The video was a fake. When users clicked on the link to the video, they were told to copy a JavaScript code into their browser bar which automatically sent the hoax to their friends, and gave the hackers full access to their account.
Spoofing - Deceiving computers or computer users by hiding or faking one’s identity. Email spoofing utilizes a sham email address or simulates a genuine email address. IP spoofing hides or masks a computer’s IP address.
Know your co-workers and clients and beware of those who impersonate a staff member or service provider to gain company or personal information.
Preventive Measures at Work:
■“Defense in Depth” – use multiple layers of security throughout the computer network.
■Identify ways you have lost data in the past, and mitigate those threats. Educate employees about those threats and how to change their behavior, if necessary, to prevent future loss.
■Constantly monitor data movement on your network.
■Establish policies and procedures for intrusion detection systems on company networks.
■Establish policies about what company information can be shared on blogs or personal social web pages. Enforce the policy.
■Educate employees about how their own online behavior could impact the company.
■Provide yearly security training.
■Ask employees to report suspicious incidents as soon as possible.
Additional Preventive Measures:
■Do not store any information you want to protect on any device that connects to the Internet.
■Always use high security settings on social networking sites, and be very limited in the personal information you share. Monitor what others are posting about you on their online discussions.
■Use anti-virus and firewall software. Keep them and your browser, and operating systems patched and updated.
■Change your passwords periodically, and do not reuse old passwords. Do not use the same password for more than one system or service. For example, if someone obtains the password for your email, can they access your online banking information with the same password?
■Do not post anything that might embarrass you later, or that you don’t want strangers to know.
■Verify those you correspond with. It is easy for people to fake identities over the Internet.
■Do not automatically download, or respond to content on a website or in an email. Do not click on links in email messages claiming to be from a social networking site. Instead go to the site directly to retrieve messages.
■Only install applications or software that come from trusted, well-known sites. “Free” software may come with malware. Verify what information applications will be able to access prior to enabling them. Once installed, keep it updated. If you no longer use it, delete it.
■Disable Global Position System (GPS) encoding. Many digital cameras encode the GPS location of a photo when it is taken. If that photo is uploaded to a site, so are the GPS coordinates, which will let people know that exact location.
■Whenever possible, encrypt communications with websites. It may be a feature social network sites allow you to enable.
■Avoid accessing your personal accounts from public computers or through public WiFi spots.
■Beware of unsolicited contacts from individuals in person, on the telephone, or on the Internet who are seeking corporate or personal data.
■Monitor your bank statements, balances, and credit reports.
■Do not share usernames, passwords, social security numbers, credit cards, bank information, salaries, computer network details, security clearances, home and office physical security and logistics, capabilities and limitations of work systems, or schedules and travel itineraries.
No legitimate service or network administrator will ask you for your password.
■Do not provide information about yourself that will allow others to answer your security questions—such as when using “I forgot my password” feature.
■Be thoughtful and limit personal information you share such as job titles, locations, hobbies, likes and dislikes, or names and details of family members, friends, and co-workers.
Educational Resources:
A number of organizations and websites provide additional details on how to protect you and your workplace from social networking threats.
www.LooksTooGoodToBeTrue.com
www.OnGuardOnline.gov
www.us-cert.gov
www.ic3.gov
www.dhs.gov
www.ftc.gov
www.fbi.gov
Social Network is and will continuely revolutionize business interactions, just like internet did on business a decade ago. However, internet-based social networking will also cause risks, which we need to take care about. Since we will not abandon the access of social network because of the potential risks, an important issue could be how to reduce the risks to the minimum range.
The following passage from FBI may be useful and quite practical in that it not only tell us how to identify those "tricks", but also how to prevent.
Here is the passage:
Internet Social Networking Risks
By FBI
(Source: http://www.fbi.gov/about-us/investigate/counterintelligence/internet-social-networking-risks)
Internet-based social networking sites have created a revolution in social connectivity. However, con artists, criminals, and other dishonest actors are exploiting this capability for nefarious purposes.
There are primarily two tactics used to exploit online social networks. In practice, they are often combined.
1. Computer savvy hackers who specialize in writing and manipulating computer code to gain access or install unwanted software on your computer or phone.
2. Social or human hackers who specialize in exploiting personal connections through social networks. Social hackers, sometimes referred to as “social engineers,” manipulate people through social interactions (in person, over the phone, or in writing).
Humans are a weak link in cyber security, and hackers and social manipulators know this. They try to trick people into getting past security walls. They design their actions to appear harmless and legitimate.
Falling for an online scam or computer hack could be damaging for an individual victim as well as the organization the victim works for. Such risks include:
Vulnerability of Social Networking Sites
Social networking sites are Internet-based services that allow people to communicate and share information with a group.
Risks:
Once information is posted to a social networking site, it is no longer private. The more information you post, the more vulnerable you may become. Even when using high security settings, friends or websites may inadvertently leak your information.
Personal information you share could be used to conduct attacks against you or your associates. The more information shared, the more likely someone could impersonate you and trick one of your friends into sharing personal information, downloading malware, or providing access to restricted sites.
Predators, hackers, business competitors, and foreign state actors troll social networking sites looking for information or people to target for exploitation.
Information gleaned from social networking sites may be used to design a specific attack that does not come by way of the social networking site.
Tactics:
Baiting - Someone gives you a USB drive or other electronic media that is preloaded with malware in the hope you will use the device and enable them to hack your computer.
Do not use any electronic storage device unless you know its origin is legitimate and safe. Scan all electronic media for viruses before use.
Click-jacking - Concealing hyperlinks beneath legitimate clickable content which, when clicked, causes a user to unknowingly perform actions, such as downloading malware, or sending your ID to a site. Numerous click-jacking scams have employed “Like” and “Share” buttons on social networking sites. Disable scripting and iframes in whatever Internet browser you use. Research other ways to set your browser options to maximize security.
Cross-Site Scripting (XSS) - Malicious code is injected into a benign or trusted website. A Stored XSS Attack is when malicious code is permanently stored on a server; a computer is compromised when requesting the stored data. A Reflected XSS Attack is when a person is tricked into clicking on a malicious link; the injected code travels to the server then reflects the attack back to the victim’s browser. The computer deems the code is from a “trusted” source.
Turn off “HTTP TRACE” support on all webservers. Research additional ways to prevent becoming a victim of XSS.
Doxing - Publicly releasing a person’s identifying information including full name, date of birth, address, and pictures typically retrieved from social networking site profiles.
Be careful what information you share about yourself, family, and friends (online, in print, and in person).
Elicitation - The strategic use of conversation to extract information from people without giving them the feeling they are being interrogated. Be aware of elicitation tactics and the way social engineers try to obtain personal information.
Pharming - Redirecting users from legitimate websites to fraudulent ones for the purpose of extracting confidential data. (E.g.: mimicking bank websites.)
Watch out for website URLs that use variations in spelling or domain names, or use “.com” instead of “.gov”, for example. Type a website’s address rather than clicking on a link.
Example:
Most computer infections come from websites. Just visiting a website can expose your computer to malware even if you do not download a file or program. Often legitimate sites may be unknowingly infected. Websites with information on popular celebrities or current sensational news items are frequently hijacked by criminals, or criminals may create such websites to lure victims to them.
Phishing - Usually an email that looks like it is from a legitimate organization or person, but is not and contains a link or file with malware. Phishing attacks typically try to snag any random victim. Spear phishing attacks target a specific person or organization as their intended victim.
Do not open email or email attachments or click on links sent from people you do not know. If you receive a suspicious email from someone you know, ask them about it before opening it.
Example:
In March 2011, hackers sent two spear phishing emails to a small group of employees at security firm, RSA. They only needed one employee to open an infected file and launch the malware. The malware downloaded information from RSA that then helped the hackers learn how to defeat RSA’s security token. In May and June 2011, a number of defense contractors’ networks were breached via the compromised RSA token.
Phreaking - Gaining unauthorized access to telecommunication systems.
Do not provide secure phone numbers that provide direct access to a Private Branch Exchange or through the Public Branch Exchange to the public phone network.
Scams - Fake deals that trick people into providing money, information, or service in exchange for the deal.
If it sounds too good to be true, it is most likely a scam. Cybercriminals use popular events and news stories as bait for people to open infected email, visit infected websites, or donate money to bogus charities.
Example:
Before the 2010 World Cup, cybercriminals offered tickets for sale or sent phishing emails claiming you won tickets to see the event.
After the death of Osama Bin Laden, a video claiming to show Bin Laden’s capture was posted on Facebook. The video was a fake. When users clicked on the link to the video, they were told to copy a JavaScript code into their browser bar which automatically sent the hoax to their friends, and gave the hackers full access to their account.
Spoofing - Deceiving computers or computer users by hiding or faking one’s identity. Email spoofing utilizes a sham email address or simulates a genuine email address. IP spoofing hides or masks a computer’s IP address.
Know your co-workers and clients and beware of those who impersonate a staff member or service provider to gain company or personal information.
Preventive Measures at Work:
■“Defense in Depth” – use multiple layers of security throughout the computer network.
■Identify ways you have lost data in the past, and mitigate those threats. Educate employees about those threats and how to change their behavior, if necessary, to prevent future loss.
■Constantly monitor data movement on your network.
■Establish policies and procedures for intrusion detection systems on company networks.
■Establish policies about what company information can be shared on blogs or personal social web pages. Enforce the policy.
■Educate employees about how their own online behavior could impact the company.
■Provide yearly security training.
■Ask employees to report suspicious incidents as soon as possible.
Additional Preventive Measures:
■Do not store any information you want to protect on any device that connects to the Internet.
■Always use high security settings on social networking sites, and be very limited in the personal information you share. Monitor what others are posting about you on their online discussions.
■Use anti-virus and firewall software. Keep them and your browser, and operating systems patched and updated.
■Change your passwords periodically, and do not reuse old passwords. Do not use the same password for more than one system or service. For example, if someone obtains the password for your email, can they access your online banking information with the same password?
■Do not post anything that might embarrass you later, or that you don’t want strangers to know.
■Verify those you correspond with. It is easy for people to fake identities over the Internet.
■Do not automatically download, or respond to content on a website or in an email. Do not click on links in email messages claiming to be from a social networking site. Instead go to the site directly to retrieve messages.
■Only install applications or software that come from trusted, well-known sites. “Free” software may come with malware. Verify what information applications will be able to access prior to enabling them. Once installed, keep it updated. If you no longer use it, delete it.
■Disable Global Position System (GPS) encoding. Many digital cameras encode the GPS location of a photo when it is taken. If that photo is uploaded to a site, so are the GPS coordinates, which will let people know that exact location.
■Whenever possible, encrypt communications with websites. It may be a feature social network sites allow you to enable.
■Avoid accessing your personal accounts from public computers or through public WiFi spots.
■Beware of unsolicited contacts from individuals in person, on the telephone, or on the Internet who are seeking corporate or personal data.
■Monitor your bank statements, balances, and credit reports.
■Do not share usernames, passwords, social security numbers, credit cards, bank information, salaries, computer network details, security clearances, home and office physical security and logistics, capabilities and limitations of work systems, or schedules and travel itineraries.
No legitimate service or network administrator will ask you for your password.
■Do not provide information about yourself that will allow others to answer your security questions—such as when using “I forgot my password” feature.
■Be thoughtful and limit personal information you share such as job titles, locations, hobbies, likes and dislikes, or names and details of family members, friends, and co-workers.
Educational Resources:
A number of organizations and websites provide additional details on how to protect you and your workplace from social networking threats.
www.LooksTooGoodToBeTrue.com
www.OnGuardOnline.gov
www.us-cert.gov
www.ic3.gov
www.dhs.gov
www.ftc.gov
www.fbi.gov
Search for Professional Employee
Introduction
In
this blog I would like to explore the idea of using social networking and SNA
to identify qualified future employees and/or temporary qualified replacements. Here I will take an example from the Business
Aviation Industry.
When
consulting companies are overloaded with applications from qualified
individuals there are some industries that do not have so many options for
future employees or replacements. In
business aviation the number of qualified pilots is not too high and good
pilots can be hard to find. However this industry is relatively small and
through a network and good references it’s often possible to get an interview
and possible a position within an established company.
The
nature of the industry is such that a certain amount of pilots are needed to
cover each aircraft, and the aircraft needs to be covered 24/7. This system is most of the time successful
but as with all other industries there are times when people get sick or change
jobs, which might require a quick qualified replacement.
When
pilots are needed there are many qualifications that need to be looked at.
First of all does the pilot have all licences valid, does he have a
validation of his licence for the country where the aircraft is registered, is
he type rated on this particular type and is the rating valid. These are the minimum requirements needed
before you can even start to look into experience, both years and locations,
and of course personality.
Main Question: Can SNA identify qualified
candidates for an interview?
When CV is available it does give you the necessary relevant information about a person. However often it is difficult to judge if
this person is professional in the working environment, if they are flexible,
safe and good tempered.
With
Social Network Analyses we could identify the individuals that are approached
for professional advice, who are frequently approached for freelance work, the
ones who are used for training others and in which geographical locations they
have experience, where they have worked before and maybe the most important
one, the comfort level of working with this person (safe, professional, good
tempered and flexible). These information are very valuable for an employer who is looking for a responsible qualified pilot.
A
survey among the individuals is needed to get more information about them and
to identify persons in their network and their qualifications.
Proposed
Attributes:
·
Gender
·
Age
·
Language
skills
·
Type
Ratings
·
Work
Experience
·
Geographical
Experience
·
Hobbies
·
Sport
·
Professionalism
·
Temperament
·
Social
media user
Conclusion
By
taking into account these widely used social networking tools, both future
employers and employees could benefit from the analyses. They would get leads from the analyses of whom to approach for
interviewing for a particular assignment or a permanent position within the
company. This could possible decrease
expensive trial periods for the company, the pilot and the customer.
The empowered employee
Social tools are now empowering employees in an organisation. The traditional outlook of industries has been that employees have been looked at as resources. Social network tools have now made employees more powerful than ever before. Individuals now have their own network and access to numerous knowledge sources.This trend has a few risks but is a new avenue of growth for managements of the companies. Employees now are spokespersons/ambassadors to the outside world. If used effectively and efficiently this can transform the way business is done.
Here is a very interesting article about the empowerment of employees.
http://blog.yammer.com/blog/2012/03/the-rise-of-the-empowered-employee.html
SNA and How Companies Know Your Secrets
In the U.S., almost every major retailer, from grocery chains to investment banks to
the U.S. Postal Service, has a “predictive analytics” department devoted
to understanding not just consumers’ shopping habits but also their
personal habits. This may be intuitive but did you know the level of detail companies may know about you? For example companies like Target can buy data about your ethnicity, job
history, the magazines you read, if you’ve ever declared bankruptcy or
got divorced, as well as what kinds of topics you talk about online, whether you
prefer certain brands of coffee, paper towels, cereal or applesauce,
your political leanings, reading habits, charitable giving and the
number of cars you own. Companies like Target use this information to identify consumers around life and behavior changing events such as a pregnancy. I was at once awed and creeped out by the Big Brother aspect. I was awed because this is a very efficient use of SNA to efficiently market to consumers.
However, there is a "creep" factor and begs the question, what if I
don't want Target or any other companies to know this much information
about me? Can I opt out? What are primary reasons I want to opt out? Is there a shift where consumers will be ok or even want companies to know so much about them?
Read the full article here:
http://www.nytimes.com/2012/02/19/magazine/shopping-habits.html
New York Times, "How Companies Know Your Secrets," Charles Duhigg, February 2012
Read the full article here:
http://www.nytimes.com/2012/02/19/magazine/shopping-habits.html
New York Times, "How Companies Know Your Secrets," Charles Duhigg, February 2012
Blogging about the blog
Rajprakash Prabagaran
SNA Assignment
Ford has brought the social experience to the forefront of their marketing efforts.
Each time they add a new blog post, they pull in the image, headline of the post and the comments from readers onto the front page of their website. Those new to the site or those browsing for a new car get to experience the company and its culture from a social viewpoint right from the start.
Their blog, The Ford Story, is also unique. In the image below you can see their innovative layout where viewers can start reading the comments before they read the article, putting their fans’ and followers’ viewpoints first. Introducing your blog and your readers’ comments to new viewers sets a welcoming and friendly first impression for any company.
The blog is also linked to Flickr (for viewing images) and Youtube Ford channel (for viewing videos)
Please check the link to experience this blog.
http://social.ford.com/
SNA Assignment
Ford has brought the social experience to the forefront of their marketing efforts.
Each time they add a new blog post, they pull in the image, headline of the post and the comments from readers onto the front page of their website. Those new to the site or those browsing for a new car get to experience the company and its culture from a social viewpoint right from the start.
Their blog, The Ford Story, is also unique. In the image below you can see their innovative layout where viewers can start reading the comments before they read the article, putting their fans’ and followers’ viewpoints first. Introducing your blog and your readers’ comments to new viewers sets a welcoming and friendly first impression for any company.
The blog is also linked to Flickr (for viewing images) and Youtube Ford channel (for viewing videos)
Please check the link to experience this blog.
http://social.ford.com/
Dark Social: We Have the Whole History of the Web Wrong
The article mentioned here is a different take on the
evolution of the web and how the information that is available to
individuals/organizations is obscured by the manner in which the social
networks in reality shares information. The article is by senior editor at The
Atlantic - Alexis Madrigal.
In the article he mentions how the social
networks have evolved over the years, starting with individuals sharing
information directly, to the current scenario were Facebook and Twitter has
made it much more accessible to others.
In it, he also emphasizes how traffic still remains invisible. The term
“Dark Social” as mentioned by the author, accounts for more than 50% of the
traffic to individual stories on The Atlantic. It is a fact that information
shared on to the Internet has increased but that has not helped fully explain how the
information is shared, which is of great importance to people studying social
network behaviors. The details of the article are available at the below link.
Subscribe to:
Posts (Atom)