Big social networks such as Facebook, Twitter, Instagram or LinkedIn are often targeted by cyber-criminals. These attacks are executed in two ways: currently, the majority of attacks uses social networks simply as platforms for spreading malware. However, besides that, social media networks are expected to be the go-to points for devising the attacks themselves, by tailoring them to user's information, location, and activities.
Why are social media networks perfect platforms for cyber-attacks? Well, traditionally, cyber-threats were spread through emails, links, suspicious websites etc. Over time (and fortunately), users became more informed on how malware is spread, they became more protective and less naive. However, social media networks come with an inherent dose of trustworthiness. On these networks, users are interacting with their friends and family rather than strangers, so the feeling of dangers lurking behind every corner is certainly not as strong as on flashy websites full of pop-ups. This element of surprise and the user's trust towards social media networks is what makes them perfect playgrounds for cyber-criminals.
The most common way for cyber-criminals to breach into the social media accounts of their victims is to acquire their login credentials. Most often, they manage to do this through fake emails that are supposedly sent by the social media site itself, tricking users into entering their login data. After the hijacking of the data, the attacker will continue to acquire user's sensitive information and use their personal data to continue the attack. Therefore, users should watch out for any requests for password resets that may arrive via email. If you didn't ask for the reset, this is an obvious sign that your account is trying to be or is being hacked into.
Not only individuals are the targets of these attacks. Even more, corporations, institutions, and associations should be especially careful, because they can also be victims of social media cyber-attacks. Cyber-criminals target them to acquire valuable sensitive information about the organization. Not only sensitive information is valuable to the attacker. Public information shared on social networks related to positions and relationships within the company can help the attacker in prioritizing victims and possibly orchestrating both virtual and real-life security breaches. For example, a cyber-criminal can easily identify the most vulnerable victims in a corporation through social media, and after accessing their accounts and system, simplify their access into the entire structure.
In the end, is there a way to protect yourself from these attacks? Well, your best bet is certainly increased caution and becoming aware that social media platforms are not harmless and safe from cyber-attacks. Always carefully check emails sent by social networks and avoid clicking on links attached to emails. Also, watch out for any notifications of attempts to reset your password that may arrive to your email.