Security firm Sophos said its latest research into social networking found that 63% of system administrators worry that employees share too much personal information via their social networking profiles, putting their corporate infrastructure – and the sensitive data stored on it – at risk

The findings also indicate that a quarter of businesses have been the victim of spam, phishing or malware attacks via sites like Twitter, Facebook, LinkedIn and MySpace.

With social networking now part of many computer users’ daily routine – from finding out what friends are up to, to viewing photos or simply updating their online status – Sophos experts note that unprecedented amounts of information is updated every minute. 

Frequent use of social networking sites makes them a prime target for cybercriminals intent on stealing identities, spreading malware or bombarding users with spam, Sophos said.

The initial productivity concerns that many organisations harboured when Facebook first shot to popularity are giving way to the realisation that there are more deliberate and malicious risks associated with social networking, said Graham Cluley, senior technology consultant at Sophos. 

As cybercriminals choose to exploit these sites for nefarious purposes, both innocent users and companies are finding themselves in the firing line.  But until users wise up to the dangers, and firms begin to take precautionary measures to combat these threats, then the situation will intensify.

Sophos research found that although one third of organisations still consider productivity issues to be the major reason for controlling employee access to social networking sites, the threat from both malware and data leakage is becoming more apparent with one in five citing these as their top concerns.