A Deep Dive Into The Vulnerabilities of Social Media

Vicks Siberio
August 28, 2023

Navigating the Social Media Jungle: a Deep Dive into the Vulnerabilities of Social Media

Social media is a part of everyday life for many people, whether it is to stay in touch with friends and family, advertise products, shop, or seek entertainment. Out of 7.87 billion people worldwide, 56.8 are active social media users. In the United States, individuals maintain an average of 7.1 social media profiles and spend, on average, 145 minutes on them daily. A surprising 99% access these platforms via tablets or smartphones, and 76% have made purchases influenced by social media ads.

Given these figures, attackers have many opportunities to exploit personal data through applications and services on personal devices. Such attacks aren’t always technologically sophisticated; instead, they exploit information that users share publicly and willingly. In 2023, the leading vulnerabilities are related to authentication codes, ads, repeated passwords, and social media quizzes.

All these issues share a commonality: they display red flags that can aid in detecting potential problems. Here are some frequently observed warning signs.

  • Shortened URLs: Beware of links like Bit.ly and Bitly.com, as they were used in 41% of phishing attacks.
  • Unexpected Reset Code Texts: If you receive a text message requesting reset codes for social media apps that you didn’t request, be cautious. These messages often create a sense of urgency about potential account access loss.
  • Low-Quality Content: Be suspicious of poor-quality posts or images or content with obvious grammatical errors.
  • Quizzes: Think twice before answering quizzes that ask for personal details such as your pet’s name, hometown, or high school mascot.
  • Suspicious Account Requests: Avoid requests from suspicious accounts, especially those that have several ‘bot’ followers. Bot accounts typically have short replies, similar content, anonymous user profiles and little to no meaningful content.

The Power Of Secure Password Practices

Passwords are our first line of defense against any attack. However, they are also a vulnerability and the source of most breaches. A concerning 65% of social media users reuse passwords across multiple accounts. Attackers exploit this common mistake by using compromised passwords to gain access to multiple accounts linked to the user. For maximum security, each account should have a unique password that combines numbers, upper and lowercase letters, and symbols. The complexity and length of passwords play a vital role in preventing hacking attempts, as illustrated in the accompanying chart from Hive Systems.
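As an added example (not part of the original article), the script below audits a list of account passwords for the two problems described above: reuse across accounts and weak composition. The sample vault, the 12-character minimum and the function names are assumptions made for illustration.

```python
import hashlib
import math
import string
from collections import defaultdict

# Constructed sample data: account name -> password (not real credentials).
SAMPLE_VAULT = {
    "photo-app": "Summer2023!",
    "video-app": "Summer2023!",
    "chat-app": "correcthorse",
    "shop-app": "t7#Vq9!mLz2&Xw4p",
}

# Character classes the article recommends combining.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}

def classes_used(password):
    """Return the names of the character classes present in the password."""
    return [name for name, chars in CLASSES.items()
            if any(c in chars for c in password)]

def search_space_bits(password):
    """log2 of alphabet**length: an upper bound that ignores dictionary guessing."""
    alphabet = sum(len(CLASSES[name]) for name in classes_used(password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0

def audit(vault, min_length=12):
    """Flag reused passwords, short passwords and missing character classes."""
    by_digest = defaultdict(list)
    for account, password in vault.items():
        # Group by digest so the plaintext is never used as a dictionary key.
        by_digest[hashlib.sha256(password.encode()).hexdigest()].append(account)
    reused = {a for group in by_digest.values() if len(group) > 1 for a in group}
    report = {}
    for account, password in vault.items():
        missing = sorted(set(CLASSES) - set(classes_used(password)))
        report[account] = {
            "reused": account in reused,
            "too_short": len(password) < min_length,
            "missing_classes": missing,
            "bits": round(search_space_bits(password), 1),
        }
    return report
```

Calling `audit(SAMPLE_VAULT)` flags the two accounts that share a password even though that password uses all four character classes, which is why uniqueness is checked separately from complexity.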

In addition to staying vigilant and creating complex passwords, users should consider the following steps to boost their cyber hygiene:

  • Password Management: Use a password management system or software to manage and store your passwords.
  • Be Mindful of Your Posts: Attackers often piece together information about victims by browsing through their feeds, which can lead to more personalized interactions. Be selective about what you share.
  • Avoid Money Transfers: Do not send money directly over social media.
  • Enable Two-Factor Authentication: Use this feature for accounts and applications that support it, for an extra layer of security.
  • Opt Out of Ad Targeting: Whenever possible, enable the ‘Ask App not to Track’ option to avoid targeted advertisements.
  • Adjust Privacy Settings: Set restrictions on your privacy settings to the highest level available.
  • Verify Before Purchasing: Before making an online purchase, search for the store name followed by ‘scam’. This will help you make a more informed decision and gauge the store’s credibility.

 

If you believe you were the target of a social engineering attack or a scam, take the following steps.

  • Change your password immediately.
  • Look into suspicious logins on your account and log out of any unrecognized sessions.
  • If a financial transaction was involved, contact your bank or financial institution immediately.
  • Report the fraud to the appropriate platform and file a report with: https://www.usa.gov/scams-and-fraud
  • Do a full scan of your device with antivirus software.

 

As our world continues to evolve and be more interconnected with social media, it is crucial to stay informed about potential threats and be proactive in safeguarding your online presence. Just as we protect our personal information and assets offline, we should exercise the same caution online. Vigilance is key to keeping malicious cybercriminals at bay.

 

References:

https://backlinko.com/social-media-users

https://www.forbes.com/advisor/business/social-media-statistics/

https://www.aura.com/learn/social-media-scams

https://us.norton.com/blog/emerging-threats/what-are-twitter-bots-and-how-to-spot-them

https://www.hivesystems.io/password-table

https://static1.squarespace.com/static/5ffe234606e5ec7bfc57a7a3/t/63dbddcf25fad35dee7ceac1/1675353551353/HiveSystems-Social_Media_Guide.pdf

https://www.ftc.gov/news-events/data-visualizations/data-spotlight/2022/01/social-media-gold-mine-scammers-2021

https://www.howtogeek.com/724969/how-to-ask-iphone-and-ipad-apps-to-not-track-you-across-the-web/