IM Security Guide
Instant messaging is now becoming a part of our day to day life. People use IM from their desktops, laptops and from other mobile devices. As IM is used for communicating with others, IM has its own security issues but no one thinks about them. IM communication is generally unprotected and unmonitored. Now most of the IM clients are becoming more and more interoperable and this makes an easy task for an attacker to easily attack on more then one IM client using one IM client. Let’s first discuss the security threats to IM clients and then later we will discuss how to protect you while using any of the IM clients.
Spim
Messaging Spam called as SPIM. Most IM clients have a directory that has the information about the usernames, age, sex and other information. Spammers sign in with their own username and send messages to other IM users. Microsoft has announced that the upcoming Windows Live Messenger 9.0 would support specialized features to combat messaging spam.
Trojan Horses
Trojan Horses are very powerful software that can help attacker to get your computer’s full control through IM client. Some Trojan Horses send messages to your entire friend list in IM as well as your email address book contacts.
Worms
Email worms are well known to everyone, now spammers also using IM clients to spread warm. To be very careful before clicking any URL those come to you through your IM.
How to Protect Your Self on IM
Spim
Many IM clients offer users to accept messages, only from people already on their contact list. The free AOL Instant Messenger (AIM) service allows users to ‘warn’ other users. The warning decreases the number of messages an account can send, slowing down spam, and shows the AIM address as warned to other users that it may try to message. This feature does have the potential for abuse, although such cases are minimal.
Install Updates and Patches to IM Client
Now major IM client provider release updates and patches to new discovered vulnerabilities in their programs. Installing updates and patched help you to reduce the probability of get rid of spammers attacks.
Use a Desktop Security Software
Most IM client’s supports file transfer so it’s very easy to send an infected file to some IM user. Good desktop security software will find and delete infected file before your open it. Firewalls are also a very good solution to protect your sensitive data.
Secure IM Logs
Most IM users use to save their communication history and IM also creates logs. These logs some times contain sensitive information and very useful for spammer. Keep all your IM logs and history behind a strong firewall or delete them regularly.
Encrypt Messages
This functionality is now becoming an integral part of IM clients and most of the time your conversions with others are encrypted and send over the secure connections. Double check, if the encryption is not enabled on your IM conversation.
