Social media threats targeting enterprises have increased 47% since January 2021, according to PhishLabs Quarterly Threat Trends & Intelligence Report.
Recently, PhishLabs mitigated an attack using a fake social media page to steal the credentials of a credit union (CU) customer.
Threat actors increasingly use social media to attack brands, VIPs, and customers. The types of threats on these platforms are diverse and each social network has different policies in place for how they respond to reported attacks. As a result, mitigating threats on social media can be a frustrating and time-consuming process for security teams.
Social media is rapidly becoming the preferred online channel for threat actors. Almost four billion people use some form of social media, and organizations are increasingly reliant on company pages, executive presence, and positive customer interaction to build a strong brand. As a result, a malicious post or tweet can cause irreversible damage to an enterprise.
Social media is rapidly growing as a preferred channel for threat actors targeting enterprises with malicious campaigns. Half of the global population uses social media, and a post containing sensitive data or impersonating a high-level executive can be shared instantly, for 3.8 billion people to see.
On Tuesday afternoon, dozens of high-profile Twitter accounts were hijacked. Threat actors took over the accounts of Elon Musk, Bill Gates, Barack Obama, Jeff Bezos, and many others. Corporate Twitter accounts were also hijacked. What does this mean for enterprises and their security teams?
Threat actors are masquerading as executives on social media for purposes of stealing credentials and damaging popular brands. Today, many VIP's have accounts on these platforms to network as well as post content promoting their companies.
When the term data leak comes to mind, most enterprises think of the dark web. Although compromised information can damage an organization when distributed through gated and anonymous platforms, we are seeing social channels being used to allow for a more rapid and potentially destructive outcome.
Threat actors are using social media accounts to expose and sell data that has been compromised. While information found on many of these platforms has traditionally been disclosed by enterprises and individuals with intent, cyber criminals are taking information acquired by means of scams and data breaches and promoting their sale on various social mediums not always monitored by security teams.
With more than 2.95 billion people now estimated to use social media, an organization's online presence directly relates to the satisfaction of its customers, as well as its profits. False or misleading images or comments connected with a brand on online platforms can swiftly impact the reputation or even financials of an otherwise successful company.