The Rise of Social Media Data Breaches

Alex McConnell
Alex McConnell
28/04/21
4 Minute read
The Rise of Social Media Data Breaches

Article Contents

    Cybercriminals are always looking for the new weak link and social media is a point of vulnerability for many businesses. As it becomes more common for social media to be used for and by businesses, the opportunity for cybercriminals to use social media in their attacks grows.

    Social media is an essential tool for networking, events, advertising, keeping up with trends and more. However, with the rise of remote working and personal smart devices, social media data breaches are fast becoming a risk of which companies need to be aware.

    What is a data breach?

    Data breaches are the result of a cyber-attack where criminals gain unauthorized access to a computer system or network and steal private, sensitive, or confidential personal and financial information.

    Common cyber-attacks used in data breaches

    Leaked data almost certainly ends up on the dark web, which leads to cybercrime such as password crackingcredential stuffing and phishing.

    Hackers can use social media data breaches to create detailed profiles of potential victims and conduct targeted phishing attacks. Cybercriminals could also use the information to spam emails and phone numbers, or brute-force the passwords of social media profiles and their associated email addresses.

    If enough personally identifiable information (PII) is gathered in a data breach, this can lead to identity fraud and identity theft. These threats are increasingly becoming a concern online, mainly due to the rise in data breaches. Facebook estimates that anywhere from 50 million to 100 million of its monthly active user accounts are fake duplicates. As of late 2020, almost half of all consumers worldwide expect to be hit by a data breach.

    How social media impacts businesses

    Trust is a vital ingredient for social networks to operate successfully. They entice people to overshare confidential information, therefore providing cybercriminals with data that significantly assists them in breaching organizations.

    Cybercriminals primarily target business accounts

    These criminals may target a business’s employees and customers by impersonating the brand in an attempt to steal their credentials. The more visible and engaged with a business is on social media, the greater the possibility that a cybercriminal will attempt to target those users

    Cybercriminals can also use social media to contact potential victims

    They do that to build trust and persuade them to visit a phishing page. Companies can protect their employees with training against phishing and social engineering. Trained employees are less likely to fall for attacks than users with no training.

    How social media is putting your data at risk

    Millions of people spent significant time working from home during Covid-19, using personal devices. As a result, staff have become more vulnerable to malicious attacks from social media.

    Scammers might first try to infiltrate your social network using mutual connections and acquaintances to develop a false sense of security.

    This is an important reminder that we should remain vigilant when engaging with individuals we have not previously interacted with.

    The consequences of engaging with these cybercriminals is damaging the careers of individuals and associated businesses.

    The Centre for the Protection of National Infrastructure (CPNI) has launched a new campaign to help deter further criminal activity. The campaign asks government staff to focus on:

    • Recognizing malicious profiles
    • Realizing the potential threat
    • Reporting suspicious profiles to a security manager
    • Removing the profiles

    LinkedIn data breach: Spies are using LinkedIn to steal secrets from UK nationals

    LinkedIn is the world’s most used professional networking platform. Cybercriminals can conceal themselves as “headhunters” on the network preying on people who are looking for jobs.

    In April 2021, it was reported that attackers used fake social media profiles to engage specifically with people who have “access to classified or sensitive information.”

    According to MI5, at least 10,000 UK nationals have been approached by fake profiles on LinkedIn over the past five years. The LinkedIn attacks are directed at staff in government departments and major businesses.

    LinkedIn has since commented:

    Our teams utilize multiple automated techniques, coupled with human reviews and member reporting, to maintain LinkedIn as a safe and trusted platform.

    Linkedin

    Once connected, the attackers try to influence the individuals by offering speaking or business opportunities, before attempting to gain confidential information. LinkedIn users are being advised to take precautionary measures to protect their accounts and data.

    Stop your data from being breached

    Businesses should always look for suspicious activity, while training employees to follow cybersecurity best practices when operating online, including:

    • Using different passwords on every account
    • Monitoring online transactions
    • Using secure websites

    To prevent social media data breaches, businesses need to ensure they protect user information and secure company data.  Efficient training and technology can also help reduce the likelihood of a data breach along with increasing employee awareness and regularly updating policies.

    Talk to our team of cyber-security experts today to discuss our pioneering approach to bot management and how we can help you detect and stop unwanted bot activity.

    Block Bots Effortlessly with Netacea

    Book a demo and see how Netacea autonomously prevents sophisticated automated attacks.
    Book

    Related Blogs

    Price Scraping: How Does it Work and Who is at Risk?
    Blog
    Alex McConnell
    |
    19/11/24

    Ask the Experts: Black Friday Bot Attacks

    Get expert insights on the growing threat of Black Friday bot attacks and what retailers can do to stay one step ahead.
    Shopping trolley
    Blog
    Alex McConnell
    |
    14/11/24

    Evolution of Scalper Bots Part 5: The Rise of Retail Scalping

    Delve into the professionalization of scalper bots and the challenges in anti-bot legislation in our insightful blog post.
    Person hiding behind Google logo
    Blog
    Alex McConnell
    |
    13/11/24

    How Bot Expertise Stopped the Google Translate Bot Proxy Technique

    The Netacea data science team reveals a new attack technique: web scrapers using Google Translate as a proxy. Learn how to detect and protect against this evolving bot threat.

    Block Bots Effortlessly with Netacea

    Demo Netacea and see how our bot protection software autonomously prevents the most sophisticated and dynamic automated attacks across websites, apps and APIs.
    • Agentless, self managing spots up to 33x more threats
    • Automated, trusted defensive AI. Real-time detection and response
    • Invisible to attackers. Operates at the edge, deters persistent threats

    Book a Demo

    Address(Required)
    Privacy Policy(Required)