Anyone active in social networks reveals information about themselves. These are primarily intended for friends and colleagues. Many users of services such as Facebook, Google+ and Stayfriends often underestimate; however: “False friends” looking for usable information can also sneak in.
Cybercriminals use the data provided free of charge by social media platforms for hazardous activities. The attacks are aimed at individuals, often high-ranking company employees. A multi-layered security concept is required to ward off such attacks.
Private & At Work – People Are Just A Part Of Social Networks
According to the high-tech association Bitkom, more than three-quarters of German Internet users are currently registered with at least one social media platform. In other words, over 51 million are on an online social network – and the number is rising. But engagement in social networks is not reserved for private individuals alone. According to Bitkom, almost 50 per cent of companies now use social media platforms, be it for internal communication or interaction with customers and interested parties.
The Success Of Social Media Attracts Criminals
However, social networks are not only associated with positive things, such as the fact that friends, acquaintances, relatives and work colleagues can contact one another and exchange information of all kinds. According to IT security experts, Facebook, for example, blocks more than 200 million illegal activities every day. These include posts with links to websites that contain malware or spam emails with unsolicited advertising messages or malware links.
In addition, around five to eight per cent of accounts in social networks are created by fraudsters and cybercriminals. They use fake profiles to send spam messages or gain access to other users’ data as “friends”. For example, supposed friends ask for a transfer of a few euros via direct message because they are supposedly in an emergency. Or they try to elicit company-internal information or data about colleagues from employees.
Protect Against Social Engineering And Cyber Attacks – This Is How It Works!
Targeted attacks on employees using such social engineering techniques are enjoying increasing popularity. Therefore, companies should be aware that attacks on mobile devices and social networks can be much more dangerous than targeted attacks. Because in the service society, employees are the most critical resource – for companies and fraudsters.
Even a small amount of data that attackers obtain via Facebook and Co. can be used to start further attacks. Information like
- First and Last Name
- Email address
Are sufficient in some cases to activate recovery functions for other online accounts. Such “second-level attacks” are now the order of the day. This is especially true for attacks that target individuals, so-called spear-phishing attacks. The target group are preferably employees of companies and authorities who have access to important information. These can be employees of development and sales departments and IT administrators with access to account information, passwords, and data on network security settings.
The Criminal Scam: Fake Email With Harmless Links
For example, attackers send emails or messages to employees via Facebook, Google+ or Twitter. As an author, you use the data of colleagues or friends of the victim that you have obtained by hijacking accounts or carefully evaluating the person’s online activities. Often, the target person is asked to open an attached document or click a link embedded in the message. The background to such advances: In this way, malware is to be installed on the computer or mobile device of the person concerned, intended to give the attacker access to the company network, and he can spy out sensitive data.
A secure scope with social networks and social collaboration platforms is essential for companies. Companies should pay particular attention to the following five points:
- Maintain an open approach to social media instead of prohibiting the use of such services
- Education of employees
- Control of the company’s social media activities
- Involve security officers more closely in decisions
- Establish guidelines for the benefit of social media
Correctly Plan Social Media Guidelines In Companies
To avoid data leaks within the company, developing and implementing binding social media guidelines is also advisable. These guidelines regulate whether an employee is allowed to be active in his role as an employee in social networks and what he has to consider. In some industries, such as the financial sector, highly restrictive requirements apply. In other areas, such as the media and entertainment industries, less stringent requirements are the order of the day.
If you want to protect yourself sustainably from the dangers that social networks can bring, you should also use the help of tools. They support users in eliminating malware and activating the “correct” privacy settings on Facebook and Co.