Social media has become an essential part in our daily routine. This past year, due to lockdowns, social media became the primary way to communicate with friends and family, connecting with them even from far way. The number of users in the Philippines alone increased by 16 million, a 22% growth, between 2020 and 2021. Since going out was restricted for quite some time, businesses relied on the internet to keep operations running. This also paved way for new businesses to open, using social media as their main platform. However, unlike eCommerce and corporate websites, social media platforms lack the layer of protection needed to fend off attackers.
Social media platforms have evolved throughout the years. Today, we can message, call and videocall any of our friends and families. It had also developed into a place where we can buy and sell products and services. As more businesses depend on social platforms, threats have become more rampant and dangerous to users all around. According to FBI’s 2020 report, victims in the US alone have lost over $155 million to social media cybercrimes. Because of the lack of security, identity theft and fraud are common occurrences in these platforms. A lot of the users are, also, unaware of all the threats that can potentially compromise their data.
To understand the growing dangers on the web, it is important to know the common types of social media attacks out there. In social media platforms, users tend to overshare personal and private information on their pages. Reconnaissance is an attack precursor that is usually hard to detect. Hackers gather and analyze all the information that they can find about a victim’s life and use that against them. Cybercriminals start to plan convincing traps such as malicious links or ads to lure them into giving more information that they can use for their own benefit.
Fake profiles are becoming more of a threat in recent years. Threat actors can mimic legit profiles and carry out attacks on a large and small scale. Attackers can impersonate public figure profiles to distribute malware worldwide or send phishing campaigns to millions of unsuspecting victims. In some cases, attacks can be targeted against organizations by tricking employees in that targeted organization. For example, hackers can impersonate a high-ranking worker in a targeted company and order an employee to perform a task that can compromise sensitive information. MacKenzie Scott, the richest woman in the world, has been giving away her fortune, totaling nearly $6 billion in 2020. However, threat actors started using this to their advantage by impersonating her representatives. Hackers would send emails under the name “Ms. Scott Foundation” to unsuspecting victims promising monetary support, but the recipient must pay the transfer fee to receive the funds. Impersonation scams are becoming more and more sophisticated as time goes on, targeting organization and individuals alike.
With social engineering attacks, hackers take advantage of people’s emotion and vulnerabilities by involving some type of psychological manipulation. Targets are sent messages, usually via email, that provoke fear and urgency to make victims click on malicious links or files and coerce them into revealing sensitive information. These attacks are made to look like legitimate emails, websites, and such to increase the chances of the victims falling for their trap. Another type of attack is fake news, which is trending topics nowadays. Although it is not considered a cybercrime, their influence and effects on society’s perception is great. An example of this is the widespread misinformation of Covid19. Numerous of misleading information about the pandemic was plastered all over social media platforms, which pose a serious problem to public health. During this period, WHO reported that at least 800 people died due to the misinformation about the virus. Fake news brought out a lot of doubt and uncertainty to the public, endangering many lives in the process.
In recent years, we have also seen an increase of profile compromises. Hackers directly compromises a social media profile, especially verified accounts, and use it to gain the trust of victims. They use the compromised profile to target the brand’s customers with malicious content to steal information or money. Last year, numerous Twitter accounts, like Barak Obama and Apple, were compromised and used in a cryptocurrency scam. Messages with a bitcoin wallet addressed attached were posted, claiming that people would get double back. Reports say that approximately $116,000 or 12.5 Bitcoin was collected due to this scheme. Malicious content have also been surfacing across the web. Malicious links are being used to lure victims into clicking links hosted on third-party sites, which are posted on social media platforms. One click exposes and exploit the targeted account, potentially giving hackers control over it.
Social media platforms are essential for businesses nowadays. Brands can reach more people from young to old from all over the globe. Just as illustrated above, there are numerous dangers that come with it and the ill-equipped security that these platforms have poses as risks for a breach. Companies must treat social media with the same level of security they have on their other channels. Educating your team on the different dangers and the protocols that they must abide to will help keep data safe. It is also important to have a social media and digital brand protection as well. With Cyberint’s Digital Risk Protection, we can monitor all social media platforms and protect your brand from threats, ensuring your company’s data and reputation safe and sound.
——
References:
Braham, Reuben. “Why Digital Risk Protection on Social Media Is a Must For Online Retailers.” Cyberint, 22 June 2021, blog.cyberint.com/social-media-a-heaven-for-cyber-criminals.
Ilascu, Ionut. “MacKenzie Scott Grant Scam More Widespread than Initially Thought.” BleepingComputer, 2 Apr. 2021, www.bleepingcomputer.com/news/security/mackenzie-scott-grant-scam-more-widespread-than-initially-thought.
Kemp, Simon. “Digital in the Philippines: All the Statistics You Need in 2021.” DataReportal – Global Digital Insights, 11 Feb. 2021, datareportal.com/reports/digital-2021-philippines.
Prior, Ryan Cnn. “Fake News Study: Most Americans Can’t Spot Fake News, Study Finds.” CNN, 1 June 2021, edition.cnn.com/2021/05/31/health/fake-news-study/index.html.
Bridgman, Aengus. “The Causes and Consequences of COVID-19 Misperceptions: Understanding the Role of News and Social Media | HKS.” Misinformation Review, 26 Jan. 2021, misinforeview.hks.harvard.edu/article/the-causes-and-consequences-of-covid-19-misperceptions-understanding-the-role-of-news-and-social-media.
“Fighting Misinformation in the Time of COVID-19, One Click at a Time.” World Health Organization, www.who.int/news-room/feature-stories/detail/fighting-misinformation-in-the-time-of-covid-19-one-click-at-a-time. Accessed 27 Apr. 2021