With every social networking site, comes the treacherous threat of spamming. Neither Facebook Inc. (NASDAQ:FB), nor Twitter Inc. (NYSE:TWTR) is spared by these threats. These social media threats usually have the purpose of stealing customer data (credit cards, debit cards, bank account details, etc), bringing bad name to a brand, manipulate markets and illegally carry out various kinds of internet con schemes. According to a research paper by Nexgate titled ‘The State of Social Media Infrastructure: Part 2- The Security Threats to Social Infrastructure of the Fortune 100’, social spamming grew by 658% since mid-2013, which is a big threat to all the internet users.
The three kinds of social media threats
- Unauthorized Accounts which are created in order to type negative conversations about a particular brand to bring a bad name to it or to harm its customers.
- Content-based threats which are posted on the social media sites as links which turnout to be malware ones leading to phishing lure, spam pornography or hate speeches.
- Account Hijacks are taking place every day. It is the most full-proof way to steal customer information, distribute malware, embarrass a particular brand or engage in malicious activities.
Threat of Unauthorized Accounts from different kinds of brands
40% of the Facebook accounts and 20% of the Twitter accounts are found to be unauthorized. This comes as a big threat to the active users of these social networking sites.
It is estimated by Nexgate that approximately 330 unaffiliated accounts advertise giveaways of ‘free gifts’ or ‘free membership points’ per brand in Fortune 100. This indicates that there are currently 330 unauthorized accounts for each brand of Fortune 100.
Nexgate documents some shocking percentages regarding this scam of unauthorized accounts
- Financial Category– Companies in the financial category of Fortune 100 have the highest number of unauthorized accounts. The companies under the financial category make up 55% of unauthorized accounts on Facebook and 25% of them on Twitter.
- Entertainment Category– The entertainment category companies of Fortune 100 have 25% of unauthorized accounts on Facebook. On Twitter, there are 15% of unauthorized accounts operating from the same category of companies.
- News Category– Fortune 100 companies under the news category have 35% of unauthorized accounts on Facebook and 10% of them on Twitter.
20% of all the accounts affiliated with Fortune 100 companies are found to be protest accounts. People can have protest accounts to post their feedbacks for or against a brand. But usually companies, having unauthorized protest accounts, are used to embarrass other brands and mostly, they are used foe fraudulent activities.
Hence, the social networking sites seem to be leading in terms of scams and spam messages among all the activities on the internet.
Content-based threats like spam messages from different kinds of brands
Social spam gets distributed to millions with one post. Hence, it is the most dangerous threat. Among the 32,000 accounts which were studied, 1.8 million security and inappropriate content related incidents were found.
- Financial Accounts– Huge numbers of 20,411 spam messages were identified on the accounts of the companies under the financial category which means 23 spam message per account.
- Entertainment Accounts– 125,392 spam messages were found on the accounts of the companies in the entertainment category under Fortune 100. This indicates the presence of 73 spam messages per account.
- Health Accounts– Health/pharmaceutical companies’ accounts are found to have 6,333 spam messages, which means 13 spam messages in every account.
968,396 messages on these social networking sites are found to contain profanity and adult content, 51,073 messages contain hate speech or personal threats, 28,540 messages are reported to contain bullying and 162,600 messages contain spam.
Different kinds of Content-based threats target different kinds of companies
- Phishing attacks– 60% of phishing attack URLs are found on the retail accounts and news accounts.
- Malware links– 85% of URLs leading malware links are to found on financial and entertainment accounts.
- Hacking links– 91% of URLs which promote the ability to hack are found on news and entertainment accounts.
Altogether 50,381 spammers are identified till now. Apart from this, the most risky links are the ones which lead to spam sites (7,248 links), pornography (6,941 links) and gambling sites (1,157 links).
Account Hijackers do not spare anybody
2.29 account hijack indicators are found in the average firm, such as malware links posted by the brand account managers. Again, as we go through these social networking sites, we may come across many links posted by unauthorized accounts promoting hacking of Facebook or Twitter accounts. Finally, these links are found to be malicious. The 330 unaffiliated accounts of each brand, which feature links advertising giveaways of ‘free gifts’ and ‘free membership points’ are, basically, practicing hacking of accounts. The menace of account hacking and hijacking didn’t even spare big names like President Obama, The Associated Press, Jeep, CBS, FIFA, Microsoft and Burger King.
These findings are derived from the study that was done on 32,000 accounts of Fortune 100 companies between July 2013 and June 2014.
Social spamming is not only affecting regular internet users but also affecting brands. For example; the Nexgate report cites an occasion where a fake page for Amazon.com is created on Facebook. This fake page was advertising huge offers on random goods. It was found that the links to these advertisements offering discounts were actually malware links. Immediately it was realized that the page was not an original authentic Amazon page. Thus, one should be especially careful while clicking on links posted on the pages of those companies which come under the entertainment category, news category, retail category and financial category.