While you’re busy telling everyone where you are, what you’re doing and what you’re working on, spare a thought for Social Media cyber security
We’re in the midst of a malware epidemic and lack of social media cyber security creates a prime breeding ground. According to Kaspersky Lab, 310K new malicious files are created every day, compared to the daily 200K in 2010. These include everything from cyber annoyances for consumers to sophisticated and targeted attacks on corporate social accounts—shattering both reputations and bottom lines overnight. Yesterday’s entry regarding the 2012 LinkedIn hack should highlight the threat
To give some perspective on how common these attacks are, one in five phishing scams targets Facebook. Even though 66% of the global population are active social media users, the problem isn’t rooted in system flaws. People are simply too careless with their social media cyber security.
For example, 28% of social network users don’t change their privacy settings, leaving all posts and photos public (*cringe*).
Top 5 Social Media cyber security risks for any business
- Not paying attention on social media – If the business account is unmonitored and it becomes the target of a malicious attacks like a virus, you won’t know if it spreads to your followers. And if your followers start receiving spam messages from your account they will quickly lose trust and confidence in your brand.
- Human error – Human error is the most common social media cyber security threat. Human error often causes security risks such as phishing attacks, scams, and other cyber annoyances. People unknowingly click on a phishing link, interact with a fake account, or accidentally fill out a malicious form with sensitive information. Compliance issues, relevant to organizations working within regulated industries, are most often triggered by employees or customers accidentally sharing confidential personal information on public forums.
- Malicious apps– The internet is smattered with malicious software and it’s only getting worse. Spyware, for example, is any software that collects personal information or sends spam ads without your consent. Adware tracks personal and sensitive information in much the same way. All malicious apps steal things like personal or sensitive information, passwords, and data without you knowing. Just like having street smarts, think before you click or share information.
- Social scams and phishing attacks – Similar to malicious apps that try to collect sensitive data, phishing scams use social media to trick people into giving personal information such as banking details and passwords. Phishing attempts are up this year by 150 percent on major social networks like Facebook, Twitter, Instagram, and LinkedIn. Social scams range from fake customer service accounts or fake accounts of your friends, to spams in social comments that lure you to ‘buy this’ or ‘click here.’
- Malware attacks and hacks – There are good hackers and bad hackers. Some try to improve internet security by forcing IT departments and protection products to constantly innovate. Attacks can be focused and targeted, where ‘cyber gangs’ go after individual organizations with advanced malware campaigns. Other hacks come slowly, with smaller phishing efforts adding up over time. Hacks and malware attacks are the biggest security threats to businesses on social media.
- Data leaks – Data leaks can happen in a seemingly harmless post about relocating for work when that news is still confidential to your company. It can happen if you hit “paste” with text from a work-related email in your clipboard and post it into the wrong window on your screen. If can happen if your smartphone auto-corrects something you spelled wrong in a social media post to some project code name that you just used in an email. It can happen if you mean to send a private message and accidentally make a public social media post.
Even Twitter’s own CFO has done exactly that: posting confidential data via a public Tweet when he meant to send a private Direct Message. The rise of social media messaging has resulted in many who “have all but abandoned text messaging in favor of Facebook or Twitter messaging,” Steinberg adds. “And increased time on social media platforms translates into an increase in the risk of certain data-leak related problem emanating from social media use.”
The information security aspects of social media are seriously problematic, getting worse with time and, and have no viable solution on the market that comes close to addressing the problem of employees posting problematic material on social media.