CINCINNATI (FOX19) –Imagine you're sitting in a coffee shop surfing your Facebook page, or Twitter account and all of the sudden the stranger sitting at the next table is updating your status and sending messages to your friends from your account.
It could happen and anyone can do it.
In October of 2010, a new piece of software called Firesheep was made available to the public.
By itself, this may not seem newsworthy, but the fact that this software allows someone to gain access to your online accounts, such as Facebook, Twitter, and Yahoo, whenever you access those sites from a wireless hotspot, has far reaching privacy and security implications.
Firesheep is a free Firefox browser plugin which allows attackers to monitor wireless hot-spots for people logging in to websites that do not require secure connections. Once a person logs in to their account, the attacker is able to steal their browser cookie (a process called "session hijacking") and access the victim's account with just a few mouse clicks, virtually undetected. Firesheep is almost idiot-proof, and gives even the most inexperienced computer user a tremendous amount of power.
Privacy and Business Implications
The capability that this puts into the hands of an average computer user poses a significant threat to peoples privacy, and the security of coffee shops, restaurants hospitals and other businesses as well. Once an account is compromised, an attacker could impersonate the victim and/or monitor all communication to and from the victim. Additionally, marketing and other business professionals that maintain social media sites for organizations can have those accounts compromised.
Be on the look out and report any suspicious account activity including strange communication and wrong password errors.
Educate people and instruct them to report any suspicious activity.
Limit the use of wireless hot spots.
Ensure the web address you are accessing begins with "https://" and has a closed lock indicating a secure connection.