Social media as a gateway for hackers
According to a new survey by security software manufacturer ESET, 80% of IT experts believe that social media channels are an easy gateway into corporate networks. The reason for this is that security measures are too lax or neglected. In addition, 36% said that an attacker could easily gain access via socal media sites used at work.
12% of respondents reported that their network had already been infected with viruses via social media channels. Although 56% said their company had regulation regarding the use of social media, just as many admitted that the implementation of this regulation was never monitored. The survey was conducted in May 2015 among 200 IT professionals in England.
Carefree use of social media
As part of the study, 1000 employees were also surveyed about their use of social media in the workplace. 36% of the respondents stated that they believe restrictions on social media use were introduced due to higher productivity and not as a protective measure against viruses & co.
"When it comes to developing security strategies, social media is often still overlooked in companies. Many do not perceive any threat here - but this assumption is wrong. Hackers are always looking for new ways to gain access to corporate networks, and social media can be an open door here," says Thomas Uhlemann, Security Specialist at ESET.
Shockingly, around a quarter of respondents know someone whose Facebook identity has been stolen - or have even been affected themselves. "Cybercriminals use social media to smuggle malware and exploits past corporate firewalls," Uhlemann continued. "Fraudsters trick users by luring them to supposedly legitimate sites and stealing their data. IT professionals have no visibility into what their employees are doing on social media channels and whether the sites they visit pose a potential threat to the company."
A 'Like' can have serious consequences
Furthermore, the survey showed that 33% of the employed respondents would "like" a Facebook page in order to win something. Only 3% could claim that they had actually won a prize that way on one occasion. Employees were also asked whether they would "unlik" a page again if they discovered it was a scam. 12% would see no need for action here.
A mistake, because one of the biggest scams on Facebook at the moment is 'likejacking'. In this case, users are tricked into submitting a Facebook status for a page that they did not actually want to "like". This causes hoaxes and spam to spread further. This approach is currently very popular and usually involves enticing videos. One click directs the user to an external page that attempts to download malware to the computer. "Users should be aware of the dangers of 'Likejacking' and critically question what a 'Like' on Facebook is really worth. After all, one click on the wrong page can cause more damage than many assume," explains Uhlemann.
Companies are therefore well advised to sensitize their employees to the dangers of using social media in the workplace.
