Threat Intelligence Blog

Posted May 7, 2014

In our previous post, we discussed some of the reasons why criminals like social media. In this article, we’ll look at more ways that they’re using it to find and deceive unsuspecting victims.


Millions of people use social media every day to connect to friends, family, and coworkers by clicking on various links to news articles, pictures, and other “shares”. Thus, it is not surprising that phishing is the most common Internet scam today, especially on social media. In 2012 alone, $687 million was lost to phishing attacks. A common social media scam involves a criminal sending a legitimate-looking email to a social media user, asking him or her to confirm account details. Once the criminal obtains their username and password, the criminal uses the account to send emails to the users’ friends, followers, or links asking for money, proprietary company information, or additional personal information.


Rogue mobile applications are a form of phishing, and some rogue apps that are found on popular social media sites may themselves contain malware. Employees using social media on their own devices that are connected to your network can expose an otherwise secure organization. For example, Help Net Security reports that 52% of organizations have experienced an increase in malware attacks as a result of their employees’ use of social media.

Physical Harm

When personal details shared on social media sites are combined with geo-tagged information, criminals can easily locate targets. For example, criminals can determine the approximate area where a YouTube user lives by collecting information from the YouTube account and account activity, and then determine whether he or she is on vacation by looking at the videos being uploaded. After a few Google searches, his or her real name and real address can be found.

What if your company was experiencing layoffs, merger, or other unpopular reorganizations? As we have learned from many executive cases, spending all the money in the world on security is for naught if social media is not monitored and included within your physical security policies.

How Does This Apply to Your Business?

Unfortunately, security issues related to social media aren’t just limited to big companies. Small and mid-sized businesses must consider them too, even if it’s on a smaller scale. These attacks can result in harm to your customers, and in the case of a small business, even to bankruptcy or closing it down.

For more ideas on how you can protect your organization, check out our recent blog post, Social Media Monitoring and Compliance: Five Best Ways to Navigate Complexity in the Workplace.

Additional Posts

How Can SMB Overcome Obstacles to Social Media Monitoring for Risk and Compliance?

Small and medium businesses (SMB), particularly banks and credit unions, typically have to meet the ...

Cartels, Terrorists, and Prisoners: Why Do Criminals “Like” Social Media?

In this two-part series, we explore the darker side of social media to find out why criminals like ...