There are 3.8 billion active social media users today, with 321 million joining the party this past year. They are used to chat, learn, make new friends and stay in touch with old ones, attend live online events, shop, and more. It’s no wonder, then, that social media platforms have become a prominent eCommerce front, with nearly half of retailers engaging in social media commerce.
As with any other popular online scene, hackers are quick to embrace the trend and attack where people are. They recognize the opportunity and find many entry points to exploit. As stated by security expert Dov Yoran, “The more transactions we do on our phones, the more it draws the cybercriminals to go where the money is.”
For organizations, social media is an exposed online arena where employees and customers often unknowingly interact with attackers and put the entire business operation and reputation at risk. Cybersecurity expert Gregory Webb describes social media as, “a thorn in the side of enterprise security.” It’s important to understand just what it is about these networks that attackers find so attractive, and how they can be stopped using advanced anti-phishing solutions.
How social media platforms are used for cybercrimes against business
On social media, cybercriminals disguise themselves as company employees or act as the official company page. They mislead others and extract information which can later be used to commit identity theft crimes or directly reach monetary assets.
- Logo and trademark infringement: These are cybercrimes on their own, which may also be used to create a fake company page and commit fraud against unsuspecting users.
- Linking to counterfeit websites: Scammers can direct users to a website that imitates the brand and ask them to provide payment information via a fraudulent shopping experience.
- Special sale posts: Hackers would create fake ads inviting shoppers to participate in a special sale as a way to reach their personal information.
- Direct engagement: Attackers would target specific customers and approach them directly, pretending to be official representatives of the brand. This may also include links to fake websites.
- Account takeover: Hackers might try to take over the company’s social media account and commit crimes on behalf of the brand. They may replace certain links presented on the page or invite shoppers to participate in fake activities.
Unfortunately, this sort of criminal behavior is quite common and continues to be on the rise. 34% of companies report having suffered a social media infringement or abuse, and on a global scale, social media cybercrime generates more than $3.25 a year. These and other stats show that this is more than a passing trend. Social media has become one of the leading cybercrime scenes, and for good reasons.
Why it’s easy to perform cybercrime on social media platforms
Attackers are active on social media because their target audience (aka, us) are all actively using these platforms, but they have additional reasons for choosing to attack on these specific channels:
- Poor verification: Many social media networks do not perform regular backup checks and verify users’ identity. Considering the rising number of attacks, this is both puzzling and alarming.
- Anonymity: The overwhelming number of users makes it easy to blend in the crowd and move undetected. In addition, some social networks allow users to choose nicknames and avatars, which makes their activity even harder to trace.
- Invite only: Social networks that use this tactic make it easy for attackers to find users who fit a certain profile and may be more vulnerable.
- It’s all connected: Moving from one platform to the next is relatively simple, with many networks providing access to additional accounts.
- Easy set-up: Creating a fake account or brand page is extremely easy and only takes a few minutes.
- A killer combination: The combination of networks’ wide reach and users’ high trust levels creates an attractive habitat for cybercriminals.
The result allows attackers to risk the brand’s reputation by acting on its behalf, harming both companies and their customers.
What can you do?
The good news is that as social media cybercrime grows, we find a variety of anti-phishing solutions to prevent it. Some offer special training for employees, teaching them ways to spot fraudulent activity on social media and how to refrain from giving away sensitive information; others may want to offer users themselves more tools to stay protected.
The BrandShield anti-phishing solution handles the threat directly by detecting fraudulent activity on social media channels and removing the threats immediately. Through continuous monitoring and management, we are able to restore online safety and make social media networks a secure place for eCommerce activity once again.
Your employees and customers are already active on social media and are therefore exposed to security threats. To stay one step ahead of cybercriminals, schedule your demo with BrandShield today.