True North Networks Blog
Understanding Social Media Threats and How to Protect Against Them
Social media is a great way for organizations of all sizes to engage with customers. In fact, social media advertising revenue has been climbing steadily every year. In the U.S., for example, it was $13.1 billion in the first half of 2018, up 38% from the previous year.1 And it’s no wonder companies are willing to invest in social media, considering that there were nearly 3.2 billion active social media users in 2018.2
But these online networking environments are fraught with peril. Cyber criminals have reaped approximately $3.25 billion in revenues per year from social media threats.3 Most brands do not have the time or technology to monitor, classify and organize all the social media threats they face on Facebook, YouTube, Twitter, Instagram and LinkedIn. It’s simply too big of a job for a company to take on by itself.
How Cybercriminals Execute Social Media Threats
Virtually anyone is a potential target for social media threats – from respected public figures and celebrities to name brand companies and the average user. Hackers and bad actors use a number of tricks and tactics to achieve their objectives – whether they are financially or politically motivated. Here are some of the most common techniques4 they use when carrying out social media threats:
- Account access: Social media password management at most organizations is often treated much too casually. As brands see turnover and onboard new employees, passwords are shared and former employees retain access to social media accounts. And the security protection provided by social media networks is not enough. For example, Facebook links administrative accounts to personal accounts, creating a security vulnerability that could impact the brand. Companies must ensure that corporate and personal password management policies are in place. The consequences of poor password management and subsequent account takeovers can have a lasting and devastating impact to a brand’s social reputation
- Phishing attacks targeting employees: Fraudsters can pretend to be a company executive to extract funds or sensitive information by creating fake social media accounts on LinkedIn. They usually target a senior member of the company’s finance team or supply chain. Impersonators exploit human nature in two ways. First, they take advantage of the victim’s trusting nature by assuming the persona of someone the victim knows and strives to please. Second, they impose time pressure, short-circuiting the victim’s normal decision-making process. The impersonator might ask for an urgent money wire transfer or for confidential information.
- Phishing attacks targeting customers: In these attacks – also known as angler phishing – cyber criminals create highly convincing customer service accounts and then wait for your customers to reach out to your brand with a help request. Automated listening tools make it easy for criminals to monitor your social accounts to find a potential victim. They often strike on evenings or weekends when your customer service teams are less likely to monitor the account for requests. When the fraudster sees a customer contact your brand account, they intercept the communication and send a timely reply from the look-alike support account. Cyber criminals will then direct the unsuspecting user to click on a look-alike web domain where they will be phished of their credentials.
- Physical attacks targeting executives: Credential phishing attempts aren’t the only threats on social media targeting individuals. Doxing is an internet-based practice of gathering identifiable information about a person with the objective of shaming, scaring or blackmailing the target. In the U.S., doxing is a form of stalking and is illegal under many different federal and state laws, depending on the exact facts and location. Bad actors can publish personal information about your executives to a wide audience on social media. Once your executives’ details are posted in a public forum, they can then be threatened publicly or privately by anyone who wants to harass or harm them.
Social Media Schemes and Scams
Now that you understand some of the methods cyber criminals use when launching social media threats against people and organizations, let’s take a look at some of the threats that are aimed at the general public.
These more traditional social engineering scams include posting bogus coupons and links to malicious pages claiming to be free offers, often for movies or performances. In other cases, attackers send carefully engineered phishing scams as direct messages to social media users. The scams include:
- Free movie streaming downloads
- Work from home/make easy money
- Fake coupons
- Free airline flights
Protecting Against Social Media Threats: The Basics
There are several steps you can take to safeguard your people and your organization against social media threats:
Enable two-factor authentication to protect your social media accounts and management tools in addition to your passwords. This extra step of login verification will trigger a text or email alert with a verification code if someone attempts to sign in from an unrecognized device or IP address.
- If you set up two-factor authentication, you'll be asked to enter a special login code or confirm your login attempt each time someone tries accessing Facebook from a computer or mobile device we don't recognize. You can also get alerts when someone tries logging in from a computer we don't recognize.
- Encourage security teams to coordinate with social media teams as a way of gaining greater visibility into how your company is engaging on social media. From there, the security team can then define social threat protection measures.
- Take inventory of all your social media accounts for your people and brand – official and unofficial. Consider using a tool to automate the discovery process and keep track of new accounts as they are created.
- Once you have an inventory, identify everyone who has login access to accounts and applications. Confirm that each user’s access is authorized.
- Simplify administration. Begin by reducing the number of direct administrators, strengthening your passwords and using password management solutions. Consider using the same single sign-on solution you use for email, applications and network access.
- Reduce the number of third-party social media applications, especially those used to publish posts or comments on your behalf. This will minimize the probability of hackers gaining access to accounts and publishing bad content.
- Implement a solution that will automatically monitor your accounts for anomalies that may indicate social media cybercriminal activities and threats.