A study called “Social Media Platforms and the Cybercrime Economy” commissioned by virtualisation-based security firm Bromium has confirmed that social media enabled cyber crimes are generating revenue to the tune of at least $3.25 billion every year globally.
Additionally, at least 20% organizations have been infected by viruses and malware spread over social networks. The report also revealed that more than 1.3 billion social media users have suffered privacy breaches by playing into the hands of such criminals in the last five years.
The Social Media Platforms And The Cybercrime
The immense reach and the popularity of social platforms make them easy targets for hackers and cybercriminals. There are over 2.7 billion internet users, equals 70% of the world internet population, use social media channels on a monthly basis.
The six-month study conducted by Dr Mike McGuire, senior lecturer in criminology at Surrey University (UK), follows his earlier (April 2018) study in which he had concluded that cybercriminals actually earn more than most political leaders and university graduates.
The findings of the second instalment of the “Net for Revenue” sequence go on to highlight that various social networks- including Facebook, Instagram, LinkedIn and Twitter- have become happy hunting grounds for cybercriminals.
The report was compiled on the basis of data shared by leading social sites, business and law enforcement agencies, interviews with the users of these platforms besides analysing the posts, comments and uploads thereupon.
The report published Tuesday draws readers’ attention to the fact that the availability of these platforms gives these scamsters the opportunities to “amplify, persuade and spread malware more quickly than email or other attack vectors.”
Instances of social media enabled crimes have grown four folds in the UK between 2013 and 2018 while in the US they have grown by more than 30,000% during the 2015-17 period.
Since 2016, there has been a 36% increase in cases where social sites were used for criminal recruitment. Wily criminals get through to individuals surfing these platforms by offering them huge amounts of money for short term roles.
“These platforms have brought money laundering to the kind of individuals not typically associated with this crime — young millennials and generation Z,” McGuire points out. “Data from UK banks suggests there might be as many as 8,500 money mule accounts in the UK owned by individuals under the age of 21, and most of this recruitment is conducted via social media.”
Almost half (45-50%) of data breaches during 2017-18 had their origins across social platforms, thereby underlining how threat actors today are exploiting the social media networks, much to the dismay of unsuspecting victims.
Rapid growth in cryptocurrency mining has also fuelled a 300 fold increase in such crimes during the last two years, pointed out the report. McGuire discovered that the number of miners affected by malware during the 2017-18 period had doubled.
11 of the top 20 global websites hosting cryptocurrency mining code are social media platforms like Facebook and Twitter.
“Facebook Messenger has been instrumental in spreading cryptocurrency mining strains like Digmine,” writes McGuire.
The professor pointed towards an instance where a smart hacker took over UK based retailer Matalan’s Twitter account and tweaked it to resemble the electric car making company Tesla’s CEO Elon Musk’s account. The audacious criminal later sent out tweets asking for small bitcoin donations by promising to reward the donors later!
Other key findings of the report include that tools and services required to conduct such cyber frauds (including botnet hires and data trades) are widely available on 40% of these social sites itself. It also reveals that the distribution of credit card details alone fetches these criminals $630 million every year.