Social Networks: The Hunting Ground Where Criminals Are Netting $3bn Yearly In Illicit Profits
How often do you hesitate to click on a link shared by your friend on social media? Maybe not as often as you do with links shared via email.
There is some sort of trust among friends on social media that makes people less vigilant about their online security. Many organizations allow their customers to connect with them through Facebook, Twitter, Instagram, LinkedIn, YouTube and so on. This combined with the interconnectivity of social media has made social platforms an attractive hunting ground for cybercriminals. An attacker can easily perform chain exploitation, whereby he abuses trusted connections to orchestrate tailored attacks across numerous platforms.
According to a report by Bromium, a cybersecurity firm, social media platforms have supported a cybercrime economy that grows by $3.25 billion per year. The report was produced as part of a 6-month academic research study at the University of Surrey, UK.
Cybercriminals employ many kinds of tactics on social platforms - from botnets for hire to crypto jacking.
But why have these criminals increased their focus on social media?
A simple and probably straightforward answer to this question is that social sites make it effortless to share content. Cyber attackers can easily spread malware and implement their methods to rip off users. In fact, the University of Surrey study found out that the methods used to scam users on social sites are 20 percent more than methods used on other websites. Adverts, sharing buttons and plugins are among the most used methods, and the fact that users can have thousands of connections makes it convenient for cybercriminals to distribute attacks to as many people as possible.
Every social media site is like a Trojan horse that hackers and other kinds of cybercriminals can use to practice sophisticated attacks. It is not until two years ago that these criminals started using crypto jacking, a method where the attacker takes over the computing resources of another user’s computer to mine cryptocurrency. Once the malware has been inserted into a user’s browser, it can be used to mine crypto for cybercriminals who might be on any part of the globe. This is the new way of monetizing malware, and it is widespread on social sites because that’s where most cryptocurrency marketing takes place. Researchers found out that social media sites make 80 percent of sites hosting crypto jacking code.
Illegal Trade of Personal Information
Hacking of social media accounts is not an unusual occurrence today despite efforts to safeguard the safety of users by social media companies.
The Bromium report revealed that about 1.3 billion users have experienced social media account hacking. Further, nearly 50 percent of illicit personal data trading can be traced back to social sites. Cases range from stolen usernames and passwords to breached credit card information. The growth of dark economy that rides on stolen personal data from cybercriminals is estimated at $630 million per year.
One of the most unsuspected methods of stealing personal data over social media platforms is by use of fake accounts. For instance, a cybercriminal sets up a fake account for a popular personality and asks users to send money to participate in a competition or for a free cryptocurrency deposit to their account.
Money Laundering Through Money Mules
This is a more traditional crime used by cybercriminals involved in money laundering. Through social media, these criminals use unsuspecting young millennials to transform their ill-gotten proceeds into cash. Often, victims are given ‘opportunities’ to make big money in a short while. With their naivety and desperation for employment, these young individuals unknowingly become money mules – pawns in the cybercriminals’ money laundering games.
Other cybercrimes orchestrated on social media include illegal sale of drugs and supplements. The report tagged illegal sale of prescription drugs as a potential opportunity for cyber hackers to pocket billions of dollars. And now with cannabis being legalized in more states across the US as well as in other nations (like Canada), news scams involving marijuana are in the making and they will most likely be unveiled through social media platforms.
Cybercriminals are taking advantage of the trust on social media to buy/sell hacking expertise and tools as well as spread malware. With social media becoming instrumental at the workplace, its target by cybercriminals is presenting a major security threat to organizations. While using a reliable VPN like NordVPN may not keep one completely safe from personal data thieves, it can make it harder for cybercriminals to steal your data as you use social media platforms.
Social media companies and other stakeholders concerned with users’ online security need to do more to protect users. Education to users about the risks of the emergent threat of using social media at any given time is one of the most effective ways. On their part, social media users should know that tiny adverts by big-name companies and get-rich-quick schemes are highly risky blind spots where one can suffer devastating scams.