A Dangerous Duo: Social Media + Cybercriminals
By Krystal Rennie / Adlumin, Inc.
When you combine all the social media platforms, trends, and endless opportunities to share information – both business and personal – it’s clear just how connected we all are with one another. Whether it’s a company’s promotional tweet or a personal job announcement on LinkedIn, as a society, sharing real-life moments through online platforms has become the norm. The point of social media is to build a community, and while most of the time it’s believed to be a safe space, that is where we get it wrong.
According to an article published in Social Media Perth, “Cyber criminals are adept at manipulating employees on social media to gain an organization’s confidential information. Such cyber-attacks are common with simple mistakes placing business information at risk. Leaked passwords, brand impersonation and other phishing scams (tricking employees into divulging sensitive information via web links) are responsible for almost 95 percent of all social cyber risk incidents.” Social media highlights major privacy concerns and we must always be prepared for the dangers lurking in cyberspace.
Cybercriminals are always looking for new ways to hack into your accounts and steal private information. So, let’s take a deeper look into how social media can be a threat to the cybersecurity of a business, individual or both.
How is Our Privacy at Stake?
While social media is a great tool for keeping us connected to relatives, friends, customers, and more, there are many ways these online platforms can be dangerous and expose critical personal and geographical information. Below are a few risks to be aware of:
- The Human element: In terms of social media, the biggest threat to cybersecurity is humans. We are the creators – CEOs if you will – of social media accounts. Whether it is your personal Twitter, or you are the social media manager for your organization’s social accounts, humans are in control. With that being said, human error at work can easily become a liability. If you are not careful with the information you release on these platforms, cybercriminals can hack into your account and gain insight to your organization’s sensitive data, usernames and password credentials.
- Oversharing: In today’s world of social media, sharing content is the main goal. Whether its pictures, blog posts, tweets or exciting project launches, we love to exchange information with others. While there are many benefits, there is also a strong possibility that oversharing could lead to your social media platforms becoming an amusement park to cybercriminals. Personal and/or private information is the first thing at stake when oversharing occurs. Cybercriminals only need a small piece of information to gain access to your accounts and expose private information on the dark web.
- Malware Attacks: According to the smperth article, “Cybercriminals are focusing their resources on data-rich environments, such as Facebook and Instagram, to gain access to personal information.” Malware attacks are popular among hackers to steal and abuse user data. The scary truth is that personal social media profiles are not the only ones at risk. These social malware and data hacks have the power to also target your business computer systems. This usually comes in the form of malicious emails.
- Password attacks: A cybercriminal can get ahold of your password through social engineering, shared user and brand impersonations and more. Once a criminal gets ahold of your password, they have complete control over your social media accounts. This can be a quick and costly setback to your business or personal brand reputation.
Taking Precautions is Key
There are several important safety factors to consider when monitoring various social media channels. Whether it is a business or personal social account, it is critical to stay one step ahead as often as possible. While social media dangers do exist, you should stay informed on the various ways to prevent yourself from falling victim to social attacks. A few safety tips include the following:
- 24/7 Deep and Dark Web Compromised Account Search: Extend your defensive capability to the deep and dark web via providers that specialize in searching for your organizations compromised or leaked accounts on the deep and dark web. Services will constantly search for your compromised accounts, even sitting in forums where compromised accounts are sold by hackers. Unless you are an expert, do not try and search the deep and dark web on your own.
- Avoid Simple and Reused Passwords: A weak password is the perfect entry point for cybercriminals looking to hack your social media platforms. It is recommended that your passwords are strong, using numbers, letters and special characters. It is also important to avoid using the same password for all your social platforms, so you can reduce the chances of all your accounts being accessed at the same time.
- Understand the Privilege of the Users on Your Network: Account Privilege is often used against an organization’s network. Review Privilege quarterly if possible. Always give least privilege to accounts as recommended by the National Institute of Standards and Technology (NIST) Cybersecurity Framework model.
- Review Privacy Settings: Make sure you review and test the privacy settings of your social media apps regularly. According to an Sans article, “Social media sites often change privacy settings and it is easy to make a mistake. In addition, many apps and services let you tag your location to content that you post (called geotagging). Regularly check these settings if you wish to keep your physical location private.”
- Monitor Your Network 24/7 with Next Generation Technology: By ensuring that your company has a cybersecurity safety net, it will allow for constant monitoring of your network’s credentials and possible exposure. This can be done through a security and compliance automation platform, risk management and protection software and more.
The reality is that the relationship between cybersecurity and social media has become more intertwined as businesses are incorporating these platforms into their brand strategies and marketing or advertising plans. It is important to note that organizations providing financial, legal or medical services are at an even higher risk for attacks. Risk management is key to protecting your business from social media attacks. Equipping your IT teams with the proper tools and cyber protection strategies should be a requirement, as a lack of cybersecurity can spread risk to every department.