Social media security: Avoiding the phishing threats

[Logethica]

Social media security:
Avoiding the phishing threats from Facebook, Twitter and LinkedIn

Social media may not be everyone’s cup of tea, but it is getting harder and harder to ignore for organisations – especially from a cyber security perspective.

A range of recent research has highlighted the increasing dangers that organisations face from employees’ social media usage.

…

Samani at Intel Security says that the main danger from social media historically would be a phishing approach.

“It doesn’t take a lot to do a targeted attack from the information that is available online through Twitter and LinkedIn.”

He says that “promiscuous” activity on social media has made it much easier to carry out these attacks.

Phishing essentially aims to trick a user into giving up personal information.

Information harvested from social media could be used in a spear phishing email is more targeted still, appearing to be from an individual or business that seems to be known to the victim.

A common email scam, for example, sends an email to all of a victim’s contacts, claiming to have been stranded at a foreign airport and asking for the money to fly home.

The social media-driven attack could take key information from the profile, such as their job and their interests. This is then fed into the phishing email to convince the victim that this comes from someone who knows them.

There are other risks. Fraudulent social media accounts can send malicious links or adware.

…

A good starting point in preventing these threats is creating a social media policy for employees...

Continue reading this article at the link at the top of the page

 

[_CyberGhosT_]

Great read, thanks Logethica

Intel Security’s research found that 24 percent of the 2000 UK-based respondents had connected with someone they did not know on LinkedIn.

69 percent of respondents had never wondered if someone was not whom they said they were on LinkedIn.

Research conducted by OnePulse for RiskIQ found that only 53 percent of people check for the verified badge when engaging with a retail brand.

Only 42 percent of people checked the brand’s other social media posts, 40 percent checked the brand’s replied to other people’s Tweets or posts. 31 percent checked the Twitter handle or Facebook URL while 24 percent checked the brand’s number of followers or likes.

Most social Media is bad enough with security, you add user habits like this and your asking for trouble.
Thanks again buddy.
PeAcE

 

[DJ Panda]

I almost never chweck Facebook. I use it to enter MT giveaways and read the occasional Malwarebytes post.

 

[_CyberGhosT_]

I almost never chweck Facebook. I use it to enter MT giveaways and read the occasional Malwarebytes post.

I never FB anymore, and I love MT on Twitter, try it Gamez

 

[Logethica]

Added a Poll...
I didn't vote as I am not currently an active user of any of the above Social Media/Networking sites..
I have been a very active user of YouTube,Google+,& LinkedIn in the past..
..and I had a very brief spell on Twitter.

 

[King Alpha]

FB and Twitter(mostly for MT Giveaways)

Where's MalwareTips?

 

[Logethica]

Social media, the gateway for malware:
SOURCE: csoonline

A recent NopSec 2016 State of Vulnerability Risk Management Report found that organizations use inadequate risk evaluation scoring systems. The report claimed that social media -- which often isn't included in any risk evaluation system -- is now a top platform for cybersecurity.

Steve Durbin, managing director at Information Security Forum, said that correlation is a bit of a strong word. "Social media use has increased. Once someone is onto a site like LinkedIn, Twitter, or Facebook, there is almost an assumption that the way you are interacting with others is without risk. Psychologically, your guard is down."

"From a hacker standpoint, social media is rich picking. We have an environment where by nature the people have very low guard. They will quite readily engage with a third party. It's a great opportunity to gather information that you can make use of from spear phishing to social engineering to push out malware," Durbin said.

In the sixth annual Smarsh 2016 Electronic Communications Compliance Survey, 48 percent of the respondents cited social media as the number one channel of perceived compliance risk.

"Even when a firm has banned social media channels, risks remain if employees do not adhere to the ban. In fact, the percentage of respondents who claim to have minimal or no confidence that they could prove the policy of prohibition is working ranges from 30 percent for LinkedIn to 41 percent for Facebook and 45 percent for Twitter," according to the Smarsh report.

[To read the full article please visit the link at the top of this post]​

 

[frogboy]

I use FB and Twitter but mostly for technology Tech updates.

 

[DardiM]

I checked : YouTube (without account)

 

[enaph]

I use FB, G+, Twitter, YT and Instagram quite active but I was never a victim of phising on any of them.
Maybe it is a pure luck or I have a very good surfing habits

 

[Cohen]

I use Reddit and YouTube mostly every day. I only use Twitter for the occasional MalwareTips giveaway so I didn't bother ticking that.

 

[Viking]

I only use Facebook for "geek" stuff!

 

[SecretKeeper]

Facebook is literally nothing to me right now. I don't have a lot of friends in real life so It's not really checked. I do use Reddit, Twitter & YouTube the most.

 

[Overlord]

I use FB and Twitter (mostly for giveaways)