Cybercrime and Social Media

What is the purpose?

Just as with a so-called "traditional" phishing campaign, these social media-specific cyberattacks employ the same tactics (phishing, ransomware, spam, malware).

Some hackers even manage to take control of influencers’ official accounts to extract information from their followers in order to exploit their credibility and gain their trust.

This is how they spread malicious content by prompting users to click on links or enter their personal information.

According to an FBI investigation, malicious activity on social media has quadrupled over the past five years, and the agency plans to step up its monitoring efforts.

Cybercriminals wield significant influence through these channels, as social media has become the new trusted source of information today.

Social media therefore now poses a serious cybersecurity threat, not only in terms of a brand’s online reputation but also for individuals.

“Cybercriminals no longer aim primarily to install a virus on a computer to disrupt its operation. Instead, they seek to plant a small, invisible piece of software that allows them to collect confidential information.” (Source: Le Monde)

Which networks are affected?

In reality, they all are. Numerous attacks have been reported on TikTok. Hackers pose as members of the platform’s administration and redirect users to a WhatsApp conversation. In this conversation, the user is asked to reveal personal information to “prove” that they are in compliance with the social media platform’s policies. Of course, this is a lie; the goal is to steal their data.

LinkedIn, for its part, acknowledges that it cannot guarantee the security of its members’ data. In 2012, the platform was hit by a cyberattack, and in 2016, the stolen data was found on the dark web. Following another attack in 2021, the data was also found for sale on online forums.

According to Facebook, it appears that Russian spies created fake profiles of women in order to seduce American soldiers and extract information from them about their attack strategies.

A lot of malware In fact, a lot of malware and phishing attempts are spread via messages on Facebook (Messenger) from your friends’ accounts that have been previously hacked.

On Twitter, many accounts belonging to politicians or government officials have been hacked by opposing organizations in order to post messages that go against their values. (Source: Stratégies)
The major problem with this platform is how easy it is to create an account and post whatever we want, making it alarmingly easy to spam.

On YouTube, you might be prompted to watch the “Video of the Year,” but when you try to play it, you’ll be asked to install a program (purportedly software that lets you play the video), when in reality it’s malware, explains Jérôme Robert, director of Skyrecon.

What steps should you take?

Are there actually any regulations in place to protect users of these platforms? Most social media platforms state in their Terms of Service (ToS) that they assume no liability if their members’ information is disclosed.

That’s where we come in—to remind you of the best practices to follow to keep your social media use safe.

First and foremost, it’s best to use common sense, just as you would in your daily life. If something seems suspicious, trust your instincts. If one of your contacts sends you a strange message, verify its authenticity by reaching out to them through another channel, such as a phone call.

“We need to stop demonizing the Internet, but just like in real life, you can run into the wrong kind of people online” (Christophe Ginisty – President of the Internet Sans Frontières association)