Most common risks in social media

Nowadays, it is common knowledge that social media is integrated into our daily interests and activities. However, do we all share the same habits and behaviours when it comes to social media usage? To understand the relevance of social media in our society, it is important that we stay on top of the latest social media statistics. Next, we present the 10 most relevant statistics for social media:


With statistics like these, it’s no wonder that social media networks are becoming one of the most popular platforms for gathering users’ data, whether the collection is carried out by the network itself in a legal manner or by hackers with malicious intent.

The most prominent risk of social media is malware that can compromise all of your data. There are different kinds of malware with different purposes, as you can see below:

  • Ransomware – Software that uses encryption to block a target’s access to its own data, such as photographs or documents, until a ransom is paid. This malware is activated when the user clicks on a hyperlink posted on a social media platform, or on an image that redirects the user to an external website that spreads the malicious code.

Example of Ransomware

Chat apps like WhatsApp or Facebook Messenger are common channels for ransomware attacks.

In this example, cybercriminals sent deceptive messages containing SVG image attachments via Facebook Messenger. Users who clicked on the image found themselves on a website that pushed a pop-up to install a browser extension or add-on to view a video. Later, after the malicious code had infected the user’s system, another pop-up appeared, demanding payment in order to unlock the user’s files.
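Unlike a bitmap picture, an SVG file is XML and can carry script, event handlers and outbound links, which is why it deserves inspection when it arrives as a chat attachment. The scanner below is an added example, not part of the original article; the tag list, finding names and both sample files are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ACTIVE_TAGS = {"script", "foreignObject", "iframe", "embed", "object"}
LINK_ATTRS = {"href", "src"}
REMOTE_PREFIXES = ("http:", "https:", "//", "javascript:", "data:")

def local(name):
    """Strip the '{namespace}' prefix ElementTree puts on tag/attribute names."""
    return name.rsplit("}", 1)[-1]

def scan_svg(text):
    """Return a list of findings; an empty list means no active content was seen."""
    # Refuse DTDs up front: they enable entity-expansion tricks and are not
    # needed in a picture someone sends over chat.
    if "<!DOCTYPE" in text or "<!ENTITY" in text:
        return ["dtd-or-entity-declaration"]
    try:
        root = ET.fromstring(text)
    except ET.ParseError:
        return ["not-well-formed-xml"]
    findings = []
    for el in root.iter():
        tag = local(el.tag)
        if tag in ACTIVE_TAGS:
            findings.append(f"active-element:{tag}")
        for name, value in el.attrib.items():
            attr = local(name).lower()
            if attr.startswith("on"):  # onload, onclick, ...
                findings.append(f"event-handler:{tag}@{attr}")
            elif attr in LINK_ATTRS and value.strip().lower().startswith(REMOTE_PREFIXES):
                findings.append(f"external-link:{tag}@{attr}")
    return findings

# Constructed samples: the script body is a harmless placeholder.
SUSPICIOUS_SVG = """<svg xmlns="http://www.w3.org/2000/svg"
     xmlns:xlink="http://www.w3.org/1999/xlink" onload="init()">
  <script>/* placeholder */</script>
  <a xlink:href="https://video.example/watch"><rect width="100" height="100"/></a>
</svg>"""
PLAIN_SVG = """<svg xmlns="http://www.w3.org/2000/svg">
  <circle cx="5" cy="5" r="4" fill="#09f"/>
</svg>"""

if __name__ == "__main__":
    print(scan_svg(SUSPICIOUS_SVG))
    print(scan_svg(PLAIN_SVG))
```

Any finding is a reason to quarantine the attachment or re-render it as a bitmap before showing it to the user.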

  • Trojan horse – Type of malicious code or software that looks legitimate but can take control of your computer. A Trojan is designed to steal data (logins, financial data, even electronic money), install more malware, modify files, monitor user activity (screen watching, keylogging), use the computer in botnets, and anonymize the attacker’s internet activity. A Trojan acts like a legitimate application or file to trick you into downloading and installing malware. Once installed, a Trojan can perform the action it was designed for. Usually, a Trojan horse is hidden in fake advertising or is sent to users by instant messaging.
  • Virus – Form of malware that is capable of copying itself and spreading to other computers. Viruses often spread to other computers by attaching themselves to various programs and executing code when a user launches one of those infected programs. Viruses can also spread through script files, documents, and cross-site scripting vulnerabilities in web apps. Viruses can be used to steal information, harm host computers and networks, create botnets, steal money, render advertisements, and more.
  • Greyware – Form of malware that doesn’t really do any physical damage to your data as other malware can, and that presents itself in a more bothersome manner, such as adware and spyware. It has a high prevalence in social media, usually in the form of “click bait”, where an enticing article leads you to a website that asks you to perform an action, like installing a fake social media plugin or filling out a quick survey, before accessing the media. That information is then collected and sold to other cybercriminals and can be used in attempts to hack into your personal accounts.

Example of Greyware

Over the years, scammers have used both real and fake celebrity deaths as a way to convince users to click on links and perform actions.

One infamous example followed the death of the actor Robin Williams, in 2014. Only 48 hours after his death, a post started circulating on Facebook claiming to link to a supposed goodbye video by Williams. Users who clicked on the link to the supposed video were taken to a fake BBC News website. Then, they were instructed to share the video on Facebook before watching. After they shared the page as requested, a second fake page appeared and asked them to fill in an online survey. Personal information was collected and then sold to unscrupulous Internet marketers.

  • Worms – Worms are among the most common types of malware. Worms can modify and delete files, steal data, install a backdoor and allow a hacker to gain control over a computer and its system settings. They can even inject additional malicious software into a computer. Worms can be transmitted via software vulnerabilities or could arrive as attachments in spam emails or instant messages. Once opened, these files could provide a link to a malicious website or automatically download the computer worm. Once it’s installed, the worm silently goes to work and infects the machine without the user’s knowledge. Worms often spread by sending mass instant messages with infected attachments to users’ contacts.

As you can see, all of this malware uses the same strategy to lure the user, namely phishing scams or attacks. Phishing attacks use malicious sources to collect personal and financial information or to infect the user’s machine with malware.

The first step of a phishing attack is always the same: a link, photo, video, article, or advertisement appears in your social media feed or in your instant messaging application. It could appear to be from anybody – a news source, a celebrity, a business, the social network itself or even a trusted contact. Most of the time those sources are impersonators of real accounts, or users whose social media account has been compromised or whose identity has been stolen.

Example of an impersonator account

Twitter has a tool that verifies accounts in order to reduce fraudulent activity, named “Twitter Verified”. This is the real account for it:

It didn’t take long for a clone account to appear, claiming to be the authentic verification help account and directing users to all sorts of malicious payloads.

Social media phishing plays on your basic human emotions and needs, such as trust, safety, grieving, fear of losing money, getting something for nothing, eagerness to find a bargain or desire to find love or popularity/status. These scams also generally state or imply the need for your urgent action to either avoid an issue or take advantage of an offer.

Examples of Phishing Scams

OMG! Did you see this picture of you?

Secret details about Michael Jackson’s death!

Only 1% of people can solve this problem! Take the quiz now!

Adidas is giving away 3,000 Free Pair of Shoes to celebrate its 93rd anniversary. Get your free shoes now!

These are very common phishing scams that involve a question, a celebrity, a brand or a fact that piques the user’s interest and then directs them to a fake login screen to obtain login information or automatically installs malware onto a computer.

The second step of a phishing attack is to redirect the user to a website that requests confidential details or causes your computer or mobile device to be infected with malware. This malware can be installed automatically or after requesting the download of a program, browser extension or application.

Alternatively, the post, tweet or message may instruct you to make a phone call to a specified number. This can result either in confidential details being requested or in exorbitant charges being added to your phone bill.
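Both phishing steps described above leave one checkable trace: the message names a trusted brand, but the link leads somewhere else. The check below is an added example, not part of the original article; the brand-to-domain map is an assumption you would maintain yourself, and the sample messages and their `.example` hosts are constructed.

```python
import re
from urllib.parse import urlsplit

# Assumption for this example: a small, hand-maintained map of brand names to
# the domains they really publish on. Extend it for the brands you care about.
OFFICIAL = {"adidas": {"adidas.com"}, "bbc": {"bbc.co.uk", "bbc.com"}}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def on_domain(host, domain):
    """True only for the domain itself or a real subdomain of it."""
    return host == domain or host.endswith("." + domain)

def check_message(text):
    """Return (host, reason) pairs for links that do not belong to the brand named."""
    lowered = text.lower()
    brands = [b for b in OFFICIAL if re.search(rf"\b{re.escape(b)}\b", lowered)]
    findings = []
    for url in URL_RE.findall(text):
        try:
            # .hostname drops any "user@" prefix and the port, and lowercases.
            host = (urlsplit(url.rstrip(".,!?)")).hostname or "").rstrip(".")
        except ValueError:
            findings.append((url, "unparseable-url"))
            continue
        if any(label.startswith("xn--") for label in host.split(".")):
            findings.append((host, "punycode-host"))
        for brand in brands:
            if not any(on_domain(host, d) for d in OFFICIAL[brand]):
                findings.append((host, f"not-official-{brand}-domain"))
    return findings

# Constructed sample messages (hosts under .example are placeholders).
SAMPLES = [
    "Adidas is giving away 3,000 free pairs! Get yours: http://adidas.com.free-shoes.example/claim",
    "Watch the goodbye video on BBC News https://bbc-news-video.example/watch?id=1",
    "Adidas anniversary offer https://adidas.com@promo.example/shoes",
    "New collection is live at https://www.adidas.com/us/new-arrivals.",
]

if __name__ == "__main__":
    for message in SAMPLES:
        print(check_message(message))
```

The first three samples show the usual disguises: the brand's domain used as a subdomain prefix, the brand name embedded in an unrelated host, and the brand's domain placed before an `@` so the real host comes after it.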
