Social Media AttacksBy Laura Jung

How the Attacks StartPopularity of these sites with millions of users

makes them perfect places for cyber attacks or cybercriminal activities

Typically happen when user log in to their social networking sites like Facebook or Twitter

Users encounter malicious posts while browsing people’s profiles

ContinuedPosts usually include malicious URLs that can

lead to malware download pages or can trigger spamming routines

Cyber criminals have started using public interest in social media to send spammed messages from a legitimate social media site

Types of Attacks: Facebook

Lifejacking attacks: Cybercriminals are making creative and interesting posts to use as bait such as celebrity news or popular events

Once clicked, the user is becoming an accomplice to the attack because the spam is automatically reposted on their wall and their contacts’ wall as well

A popular version of this attack causes users to like a post without the users’ consent

Sometimes this will lead users to survey sites which the cybercriminal can even profit from

Facebook: Rogue Applications

Rogue Applications: On social media sites, users are able to play games that have open platforms where almost anyone can submit applications

Cybercriminals use this to set up applications that can be used for spamming or phishing attacks.

Facebook Chat AttacksOne of the most common attacks occurs on

Facebook chat because cybercriminals can strike up conversation with friends and communicate with their contacts in real time

Chat messages can be used to spread malware or promote phishing applications by impersonating you on chat and messaging your contacts the spam or malware to your contacts.

Have been able to impersonate security team of social media sites in the past.

Facebook Chat Attacks Viral spam chain: where if you click a link on

Facebook it will send out massive spam to your Facebook connections

To prevent it make sure you do not open these type of links, which usually have the old Facebook look

Example

Results

TwitterSpammed Tweets: Despite the short character

count many cybercriminals have found a way to use this to their advantage by creating short compelling posts with links. ( free vouchers, weight loss programs)

Malware downloads: Twitter is also used to spread malicious malware download links similar to Facebook.

KOOBFACEMost popular type is KOOBFACE, which is a

multiplatform worm that targets both Facebook and Twitter, which leads users to fake YouTube page where they can download the malware

KOOBFACE is dangerous because it is capable of stealing personal information from your social media pages such as email, interests, employer.

Prevention Use basic online precautionary measures

Users need to watch out for bogus notifications

When looking at other people’s pages, user needs to realize not everything on pages is safe.

Users should make sure to protect the privacy of their data and to remember that anything posted is publically available.

Think and analyze before you click the link

Understand the security settings and avoid sharing personal details.

If you notice it report it to the site’s security team.