The Social Takeover: The Top 5 Social Media Security Risks
White Paper Highlights:
- Breakdown of malicious links on social (Malware - 29.9%, Phishing - 31.4%, Spam/Suspicious - 38.7%)
- Vladimir Putin boasts 318 impersonators.
- Social engineering profiles and fraudulent accounts fall into two categories: Minimally Invested Profiles (MIP), optimized for bulk creation, and Fully Invested Profiles (FIP), optimized for highly targeted campaigns.
- The Joint Chiefs of Staff have 234 impersonators across the major social networks.
- The average time to remediate a breached social account is 5.5 hours. These attacks are quickly becoming the staple for aggressive cyber vandalism campaigns.
- Social media enables less technical hacktivists to participate in cybercrime. The adversary leverages the network as a command & control tool to coordinate both social bots and huge populations of supporters to execute more traditional cyber attacks, such as DDoS.
- Media & Entertainment and Retail organization suffer from the most executive impersonations.
- Terrorism on social media is on the rise. ISIS is now setting a standard that other extremist groups will follow.
Fill out the form to download
The face of cyber security is shifting. With the advent of social media, the adversary has found a new vehicle for tried and true threats as well as a whole new breed of potential attacks, many of which are only beginning to take full form. Social media security risks have never been so advanced.
This white paper investigates how old threats, such as spear phishing, malware, and social engineering, have taken on a new form on social media. The attacker leverages the scale, speed, and trusted nature of social to take these age-old tactics to an elevated level of effectiveness. This white paper covers 1) Targeted Phishing & Malware and 2) Social Engineering, with an emphasis on executive impersonations.
The white paper also highlights ZeroFox predictions around some of the brand new threats introduced by social media. These include 3) Social Account Compromise, 4) Attack Planning & Hacktivism, and 5) Propaganda & Cyber Terrorism.