With more than 61 per cent of UK adults now accessing social media sites to communicate with their network of friends, upload photos, and  post opinions, cybercriminals are adapting their behaviour to take full  advantage. The recent LinkedIn security breach that released more than six million  passwords into the wild highlighted this cyber trend and the need for more  robust security when dealing with social media. However, it also highlights the  need for more awareness and education among users of social media.

Hackers are increasingly targeting individuals through a combination of  social media sites to build a profile ripe for attack.  With research from MyJobGroup claiming that 55 per cent of  the respondents access social media sites while at work, the potential impact to  a business cannot be overlooked.

First, attackers will identify which particular organisation they want to target – whether the motive is corporate espionage or financial gain. Then they will look on various social networks for individuals who are employed with those organisations, perhaps within a particular function such as finance or human resources. The attacker will look to befriend these individuals, building a network within the organisation and tricking unsuspecting users into accepting a friend request even if they don’t know the individual personally.

Once an attacker has established one connection, it becomes easier to establish others providing a source of additional information about the target’s interests, making a spear phishing attack easier. Once the attacker has built the profile of their target, they can tailor the attack to appear like something the target is receiving from a friend about a topic they are interested in. The target will be more inclined to click on these links that lead to a quiet attack and ultimately give the attackers access to the corporate network.

While some businesses will avert these threats by blocking employee access to social media while on corporate equipment, there is more value having employees engage with their social networks – whether that is for recruiting, building partnerships or engaging customers.  Companies therefore need to teach employees about the dangers of social media when combined with today’s social engineering attacks as well as best practices when engaging on social media.

Read more…

Cookie Control

Cookie control

We have placed cookies on your device to help make this website better.

I'm fine with this

We have placed cookies on your device to help make this website better.

You can use this tool to change your cookie settings. Otherwise, we’ll assume you’re OK to continue.

Some of the cookies we use are essential for the site to work.

We also use some non-essential cookies to collect information for making reports and to help us improve the site. The cookies collect information in an anonymous form.

To control third party cookies, you can also adjust your browser settings.

I'm fine with this
(One cookie will be set to store your preference)
(Ticking this sets a cookie to hide this popup if you then hit close. This will not store any personal information)
Information and Settings Cookie policy