Anyone active in social networks reveals information about themselves. These are primarily intended for friends and colleagues. Many users of services such as Facebook, Google+ and Stayfriends often underestimate; however: “False friends” looking for usable information can also sneak in.
Cybercriminals use the data provided free of charge by social media platforms for hazardous activities. The attacks are aimed at individuals, often high-ranking company employees. A multi-layered security concept is required to ward off such attacks.
According to the high-tech association Bitkom, more than three-quarters of German Internet users are currently registered with at least one social media platform. In other words, over 51 million are on an online social network – and the number is rising. But engagement in social networks is not reserved for private individuals alone. According to Bitkom, almost 50 per cent of companies now use social media platforms, be it for internal communication or interaction with customers and interested parties.
Also Read: Passwordless Authentication: A Method Soon To Be Expected On The Web?
However, social networks are not only associated with positive things, such as the fact that friends, acquaintances, relatives and work colleagues can contact one another and exchange information of all kinds. According to IT security experts, Facebook, for example, blocks more than 200 million illegal activities every day. These include posts with links to websites that contain malware or spam emails with unsolicited advertising messages or malware links.
In addition, around five to eight per cent of accounts in social networks are created by fraudsters and cybercriminals. They use fake profiles to send spam messages or gain access to other users’ data as “friends”. For example, supposed friends ask for a transfer of a few euros via direct message because they are supposedly in an emergency. Or they try to elicit company-internal information or data about colleagues from employees.
Targeted attacks on employees using such social engineering techniques are enjoying increasing popularity. Therefore, companies should be aware that attacks on mobile devices and social networks can be much more dangerous than targeted attacks. Because in the service society, employees are the most critical resource – for companies and fraudsters.
Even a small amount of data that attackers obtain via Facebook and Co. can be used to start further attacks. Information like
Are sufficient in some cases to activate recovery functions for other online accounts. Such “second-level attacks” are now the order of the day. This is especially true for attacks that target individuals, so-called spear-phishing attacks. The target group are preferably employees of companies and authorities who have access to important information. These can be employees of development and sales departments and IT administrators with access to account information, passwords, and data on network security settings.
For example, attackers send emails or messages to employees via Facebook, Google+ or Twitter. As an author, you use the data of colleagues or friends of the victim that you have obtained by hijacking accounts or carefully evaluating the person’s online activities. Often, the target person is asked to open an attached document or click a link embedded in the message. The background to such advances: In this way, malware is to be installed on the computer or mobile device of the person concerned, intended to give the attacker access to the company network, and he can spy out sensitive data.
A secure scope with social networks and social collaboration platforms is essential for companies. Companies should pay particular attention to the following five points:
To avoid data leaks within the company, developing and implementing binding social media guidelines is also advisable. These guidelines regulate whether an employee is allowed to be active in his role as an employee in social networks and what he has to consider. In some industries, such as the financial sector, highly restrictive requirements apply. In other areas, such as the media and entertainment industries, less stringent requirements are the order of the day.
If you want to protect yourself sustainably from the dangers that social networks can bring, you should also use the help of tools. They support users in eliminating malware and activating the “correct” privacy settings on Facebook and Co.
The unstoppable development of technology has brought about an impressive transformation of functionality in apps…
WISHEW App And Platform Launch In The United States On World Wish Day, April 29,…
When payments are consistent and dependable, your small business can confidently manage its expenses, invest…
In today's digital era, remote work has become an increasingly popular concept. More and more…
Definition: What is a pentest? A pentest, short for penetration testing, is a unique form…
Introduction to the importance of IT security for companies IT security is no longer an…