12 Cyber Threats of Christmas – Social Media

In our 12 Threats of Christmas feature, we want to look at cyber threats and issues that can impact organisations. 

Some may be known to you, whilst others, may seem a little more out of the box. 

On the seventh day of Christmas, our cyber threat is: 

Social Media 

The importance of social media has exploded over the last 20 years. For businesses, the use of Facebook, LinkedIn and Twitter have been instrumental in maintaining a market presence, generating new business leads and promoting themselves as thought leaders. 

According to research, carried out by cyber security firm Bromium, a fifth of all organisations have been infected with malware from social media, suggesting that the resource used to generate new business could be responsible for dangerous data breaches and attacks. 

17% of the human race or 1.3 billion social media users have been victims of their data being compromised through social media cyber criminality in the last five years alone. 

Email fraud/impersonation and social media hijacking rose by 35% compared with 2017’s figures A 2019 report by the Office of National Statistics indicates that this is where cyber criminals are now focusing their efforts. 

In addition to the use of social media contributing towards impersonation fraud, the collaborative aspect of social media through adverts, shares and various plug-ins means that there are in excess of 20% more ways for cyber criminals to introduce malware to users’ accounts when compared with corporate websites or digital media. 

Mike McGuire, Senior Lecturer in Criminology at Surrey University, said:  

“One trend on social media has been the hijacking of trustworthy verified accounts. In one case, hackers took over the Twitter account for UK retailer Matalan and changed it to resemble Elon Musk’s profile. Tweets were then sent out asking for a small bitcoin donation with the promise of a reward. Safe to say, nobody who donated got anything in return. 

“For businesses, this type of malware can be very costly, with the increased performance demands draining IT resources, network infections and accelerating the deterioration of critical assets.” 

What steps can I take to protect my business on social media? 

Cyber criminals can use social media to infect your devices with malware, but they can also use it to conduct recon work on your business. Here are some steps you can take to protect your business from cyber criminals using social media to their advantage: 

  • Don’t allow posts which demonstrate your office is empty (for example, closed for Christmas) – cyber criminals can use your downtime to their advantage 
  • When your employees are working, don’t allow them to visit social media on work devices. Criminals can hide malicious code in fake adverts on social media, which in turn can be used to access your systems 
  • Keep passwords secure and complex. Ensure that they’re given to those who need them and are stored in a safe way 
  • Use a different password for each of your social media accounts 
  • If you use work social media apps on your phone, be sure to password protect the device
  • Ensure your privacy settings are set to the highest they can be 
  • Always log out of the social media channel when you’ve finished 

Missed Day 6 which focused on Cyber Criminals? Fear not, you can read it here.