On the Fifth Day of Christmas, the Industry Predicted…More Social Media Attacks

Written by

The festive season is upon us and Christmas is approaching fast! The big day will be here before we know it and soon many of us will be enjoying some hard-earned time off as we enjoy the holiday season and welcome a new year.

However, as we know, cyber-threats don’t take a break, and cyber-criminals continue to evolve their malicious techniques as they seek to breach our data. Therefore, it’s important the industry keeps at least one eye on the future and looks to prepare itself for what’s ahead.

So, with 2016 drawing to a close, what are the experts predicting about what we can expect to come up against in 2017?

According to Mike Raggo, chief research scientist at ZeroFOX, cyber-attacks targeting social media will play a significant role in data security next year, with each public network offering different value opportunities to an attacker.

“The enterprise is quickly adopting in-house social collaboration platforms like Slack, Workplace (by Facebook) and Microsoft Teams,” he told Infosecurity. “These are huge productivity enablers, but come with significant risk, security compliance and governance challenges. As these platforms continue to evolve and expand, they become more unregulated, presenting a variety of different threat vectors for malicious criminals to expose.”

If you’re a cyber-criminal group, he added, Facebook is your main target. If you’re a nation-state actor going after corporate targets, LinkedIn would be the primary platform to target. An attacker selects a specific social media platform depending on what their ultimate end goal is.

It seems that not only will social media and networking sites be prime targets in 2017, but each will carry its own set of risks. So what form will these individual risks take, and what can be done to defend against them?


“Since LinkedIn is focused on business professionals, we see impersonators connecting with other employees within an organization,” Raggo explained. “For example, we’ve seen fake accounts on LinkedIn pretending to be recruiters, targeting InfoSec professionals. They go as far as tailoring their skills and resumes to information security. In fact, we sometimes see the same account updated over time with different job titles. While not uncommon for the normal business professional, we see these accounts change their title and bio tailored to completely different industries.”

It’s clear that these accounts are being used to connect with individuals with the intent of profiling them and their companies, probably as part of reconnaissance. We fully expect this trend to grow in 2017, as LinkedIn will become one of the most highly-targeted platforms for hackers.

Facebook and Instagram

“Facebook and Instagram account impersonators will continue to post scams luring in users based on giveaways, contests and extreme discount offers. Many times, these take the user to a link that either requests them to log in to their Facebook account or enter in their personal information and a credit card; in all scenarios, they’re phishing information,” Raggo said.

We’re also seeing the forwarding sites intelligent enough to understand the source device and if it’s a mobile device, convincing the user to download an app that then infects their mobile or phishes information. In 2017, hackers will use images and videos more frequently across Instagram and Facebook as vectors to expose users to malicious viruses – and in tandem, mobile malware will become a more prominent threat.

“With one simple click, an unsuspecting victim can completely compromise their laptop/phone, or even their entire business enterprise if done so in the workplace.”


Twitter continues to be used for distributing malicious links to distribute malware or perform phishing attacks. Some of these are promoted through hashtag hijacking, impersonating a legitimate company or brand, free offers and many times through direct messages. Shortened URLs obfuscate the malicious link making it difficult for the individual to check the destination site. 

“In 2016, we’ve seen an abundance of account hacks through Twitter – from the Zuckerberg breach to the 32 million passwords being leaked – and this will only increase in the new year.”

Tackling the Issue

Raggo admits that whilst it’s impossible to completely eliminate social media attacks in general, at least for the time being, there are certain steps individuals and businesses can take to protect themselves.

“Multi-factor authentication should be a standard security practice for everyone online today,” he said, “and password reuse across social accounts should be avoided at all costs. Businesses should also constantly be monitoring their social media and digital channels for business and security risks, as well as imposter accounts, to watch for phishing links, scams, and more.

“Additionally, organizations must adopt a programmatic approach to managing and mitigating social media security risks. Hackers are constantly exploring new ways to breach their victims, but with a few digital hygiene best practices, individuals can protect themselves and slow attackers down in a substantial way."

>> On the First Day of Christmas, the Industry Predicted...More Ransomware

>> On the Second Day of Christmas, the Industry Predicted…Poor Routine IT Practices

>> On the Third Day of Christmas, the Industry Predicted…More Political Disruption

>> On the Fourth Day of Christmas, the Industry Predicted…CIOs to Reclaim Ownership of Data Initiatives

>>On the Sixth Day of Christmas, the Industry Predicted…a Big Year for IoT

What’s hot on Infosecurity Magazine?