The popularity and influence of social media continues to increase at lightning speed, and recent events bear evidence to the impact-both positive and negative-this medium presents. As the tragedy of the Boston Marathon bombingunfolded, millions of people turned to social media for information, and government officials and law enforcement used it to keep the public informed and solicit their help.
The criminals were also using that same power of social media, but for very different purposes. Multiple fake charities were created on social networking websites within minutes of the explosions, claiming to collect funds for victims. Actors with unknown intentions registered more than 125 domain names associated with the Boston Marathon bombings and victims in the hours after the incident.
The hack of the Associated Press Twitter account was perhaps the first time we saw the power of social media influence our critical infrastructure. Moments after the bogus tweet was sent, falsely claiming President Obama was injured in a bombing of the White House, the stock market dropped. It quickly recovered minutes later, but the incident highlighted just how connected our world is, and how easily a single incident can have immediate and severe consequences.
Social media has changed the way we communicate and conduct business. We need to recognize that this change comes with risks; we must understand them and take action to mitigate our exposure to these risks. Here are three reasons why criminals see social media as great place to find victims.
1. Build it and they will come
Theres an old saying: Why do criminals rob banks? Because that's where the money is. Why are social media sites such an attractive target for attackers? Because thats where the people (and data) are.
These sites have millions of users, who are sharing a lot of information, which results in an enormous repository of potential victims and data. We've seen this repeatedly played out, with attacks against Facebook, LinkedIn, Twitter, and others.
2. With "friends" like these, who needs enemies?
We are too quick to tweet, post, pin, and share practically everything with practically anyone. This penchant for sharing so much and not always knowing who the recipient is can get us into trouble. The more information you post, the larger the dossier of information available to set the stage for a compromise-such as password cracking, identity theft, and more.
One of the most common methods criminals use to gain access is spear phishing, and the fact that we often share too much information makes it fairly easy for an attacker to gather enough material on you to conduct a successful spear phishing scam. You may think its your "friend" sending you that cute picture, but it may be a criminal looking to get you to click on it so he can infect your machine and steal your data.
Sign up for CIO Asia eNewsletters.