Social media is the new medium for hackers and the threats from social media platforms and the attacks on your business are ever increasing. Knowing how to remove these threats once they’ve been located can be tough.
With the explosion of social media over the last decade, social media impersonation has been on the rise. Social media impersonation occurs when a page or user is created that looks or appears as though it is the legitimate social media page for your business. These pages are generally used to collect information on people that follow the page, or to market fake promotions to generate followers to once again gather information.
Social media has also become a popular place for hackers to release their malicious content as well. Phishing and Malware have started come into the social media environment, with malware and phishing URLs being shared and linked on social media website; which are then spread across social networks using social engineering.
Types of Abuse
Executive Impersonation
Executive impersonation is when an account is setup to impersonate an executive member of a business. These accounts are used to connect with other people within the business, or with other businesses to then gather sensitive information on the business or people within the business.
Brand Impersonation
Brand impersonation occurs when a page or user is created that has been setup to look like and resemble a business. These accounts are used to gather information on the people that follow or like the pages, or to run fake promotions that will generate activity around the account and help it increase the number of followers.
Facebook is a common social networking platform. It is generally used for people to connect with other people. It can however also be used by people to follow their favourite business so that they can stay informed. The most common type of abuse on Facebook is Brand Impersonation.
A type of abuse that occurs on Facebook, are fake promotions. A fake promotion is run by an account owner, and will generally ask for a like or personal information to enter. When people sign up or add their information, the information is then recorded and sold on to 3rd parties for marketing or illegal purposes.
LinkedIn is a professional networking platform that allows business professionals to connect with one another. The most common type of abuse on LinkedIn is executive impersonation. This is done by setting up an account that impersonates an executive member of a business, the account this then used to connect with people within the business or that may be associated with that individual. Once connections have been made, the account information can then be captured and sold onto 3rd parties by the individual that created the account.
Twitter is a public messaging platform that allows people to send short messages to followers or friends. Recently it has begun to see a number of different types of abuse, from phishing to brand impersonations. A common type of abuse for twitter would be to run a fake promotion requesting people to enter their email addresses in the comments. These email addresses are then used by phishers and spammers in mailing campaigns.