Risk management: fake social media sites drive growth of ‘threat intelligence’ sector

Jessica Twentyman

How many of the people who follow you on social media sites really exist — and how many are lifelike avatars created by criminal hackers?

An investigation by IT security company Symantec unearthed dozens of fake profiles on professional networking site LinkedIn that had been created by scammers posing as recruitment consultants. The apparent aim of these fake profiles was to infiltrate business networks by making and exploiting connections with reputable executives.

Personal and professional lines blur on social media, where people are ready and willing to share information and curiosity persuades the unwary to click on web links of uncertain provenance.

“These are places where we build trust quickly with people who we believe share our opinions or enthusiasms — too quickly in many cases,” says Elad Ben-Meir, vice-president of marketing at Cyberint, a consultancy.

James Foster, chief executive of social media risk company Zerofox, says a common social media tactic is for fraudsters to assume the identity of someone’s colleague or business associate based on information gleaned from their online interactions.

The criminals may attempt to persuade their target to reveal system login credentials, divulge confidential company information or to download malware on to their company computers.

“Once the door’s been forced open in this way, then the potential for reputational damage is substantial,” says Mr Foster. “Just as most businesses put in place technology measures more than a decade ago to combat email phishing of their employees, I believe many will come around to the idea that a similar approach is needed to address social media risk.”

A study from IT security company Proofpoint, for example, says one in five clicks on malicious website links occur outside corporate email systems, mostly on social media and mobile apps.

Hackers are also using social media to manipulate customers. They pose behind fake profiles that represent legitimate brands or as a company’s customer service staff to lure people into divulging online banking passwords, provide personal details with the promise of free gifts or money-off coupons that never arrive.

The same Proofpoint study, for example, found that 40 per cent of Facebook accounts and 20 per cent of Twitter profiles claiming to represent Fortune 100 brands were unauthorised by those companies.

In 2015, airlines including JetBlue, Southwest Airlines and Virgin Atlantic had their brand identities hijacked by fake accounts on Facebook in order to dupe users into sharing personal details.

Customers had thought they were entering a lottery to win round-the-world, first-class tickets. While it is not known what the harvested data will be used for, it could well be sold on to other criminals.

In addition, fake web pages visited in order to enter these “competitions” may well install malware on users’ devices.

“Brands get tainted by this kind of ‘customer experience’, even though it’s clearly not the result of their own wrongdoing,” says Mr Foster. “In these situations, the burden of . . . making things right with the customer, typically falls to [companies].”

Digital Shadows, a UK-based start-up, monitors social media sites, search engine results, online forums and the hard-to-reach, encrypted “dark web”, home to cyber space’s murky side.

James Chappell, the company’s founder, says: “We find spoof profiles, where hackers are impersonating employees and company executives and compromising brand integrity. We find sensitive documents all the time.

“Not every business faces the same risks, nor every industry,” he adds. “But what most organisations have in common is a lack of awareness of how widespread and serious the risks are.”

Where there is fear, there is an opportunity for security providers, as services and products that offer to provide protection from reputational threats will come at a cost.

Rick Holland, an analyst at technology market information provider Forrester Research, says concern about the unknown dangers is helping to drive what he calls the “cyber threat intelligence” sector.

Mr Holland adds he has already identified more than 20 companies that are attempting to grab a slice of this potentially lucrative market. It is likely more will join them.

Original