Phishing to deepfakes: Cybercriminals’ social media tactics

In anticipation of World Social Media Day, Palo Alto Networks brings attention to a trio of significant social media threats that affect both individuals and organizations. The first is how social media can exploit psychological vulnerabilities. Secondly, there’s an increasing use of deceptive practices that span from catfishing to sophisticated AI-engineered deepfakes. Lastly, they spotlight the issue of malware and ransomware spreading across the vast expanse of the social web.

Highlighted as a vibrant hub of online interaction in the Digital 2023 study, the Philippines boasts a social media utilization rate of 72.5% among its populace. Filipinos allocate an average of 3 hours and 43 minutes daily to engage in online activities such as keeping up with friends and family, consuming news content, and exploring other internet offerings. As the impact of social media becomes more profound, it’s imperative for Filipinos to be alert to the evolving perils linked to its use. The advent of artificial intelligence and other technological leaps has intensified these threats, necessitating increased vigilance and preventive actions.

As World Social Media Day approaches, we present three main ways in which social media poses risks to individuals and organizations.

Exploiting psychological vulnerabilities through social media

Cyberattackers capitalize on user behavior to break through network defenses. Some exploit system or network flaws, but the most effective route often involves social engineering techniques. These manipulative tactics coax users into breaching security rules and revealing information that could lead to data theft or a cyber onslaught.

Palo Alto Networks Unit 42’s 2022 Incident Response Report revealed that 40% of initial system access was achieved via phishing, a social engineering technique. By scrutinizing an employee’s social media profile, hackers can construct a detailed victim profile to launch targeted attacks. These attacks exploit emotions such as fear, curiosity, urgency, and greed, enticing unsuspecting employees to ignore cybersecurity best practices and click on potentially harmful links or attachments. The Unit 42 Network Threat Trends Research Report highlighted that 66% of malware is delivered through PDFs, indicating that a single careless click can unleash malicious macros into the system.

From identity theft to AI-engineered deepfakes

Social media presents another risk: the tendency to form connections without validating authenticity. This leap of faith can be manipulated by cybercriminals. From identity theft to catfishing, malicious actors exploit social media to acquire victims’ information and content, impersonate them, and perpetrate fraud.

With technological advancements enhancing the quality and versatility of AI-enabled content creation, malevolent actors use these technologies to manipulate images and videos—often sourced from social media platforms—for malicious purposes such as extortion, harassment, misinformation, and reputational damage.

When distributed via social media, convincing fake content—deepfakes—can reach millions in an instant. A manipulated video depicting a CEO announcing reduced profits could destabilize a company’s stock price; similarly, a video of a presidential candidate admitting to criminal involvement could disrupt an election. Even without advanced techniques like deepfakes, impersonators can wreak havoc, as evidenced when a fraudulent account of a US pharmaceutical company falsely announced free insulin distribution, causing the company’s stocks to drop.

Social media: A breeding ground for malware and ransomware

Cybercriminals also use social media to disseminate malicious links directly. These links, brimming with viruses, trojans, spyware, and ransomware, serve as open doors for hackers. They allow them to sneak into devices and networks, swipe data, and hijack system controls.
Ransomware, in particular, is experiencing a worrying surge. According to Unit 42’s Ransomware and Extortion Report, Philippine organizations suffered a 60% surge in ransomware attacks in 2022.

As interest in generative AI spikes, hackers exploit this trend, using ChatGPT-themed baits to spread malware across platforms like Facebook, Instagram, and WhatsApp. Earlier this year, Meta’s security teams discovered 10 malware families exploiting ChatGPT themes to deliver harmful software to users’ devices. In one case, malevolent actors developed harmful browser extensions, falsely advertised as ChatGPT-based tools, which were then promoted on social media and sponsored search results to deceive people into downloading malware.

Combating cybercrime powered by social media

Cybercriminals are crafty, using a myriad of tools to turn social media into a weapon. And with the number of social media users worldwide expected to skyrocket to nearly 6 billion by 2027, their potential playground is only getting bigger.

How can organizations safeguard their employees? Primarily, incorporating cybersecurity education into workplace training and routinely assessing its effectiveness is vital. Many businesses reward employees for identifying and reporting phishing attempts to their security operations team, recognizing the value of promoting a culture of cybersecurity vigilance.

On an organizational level, companies should foster a safety-first culture, equipped with a strategy to manage potential cyber incidents. Leaders should continuously identify, measure, and assess risks, restricting access to sensitive information to essential personnel wherever possible. Alongside a robust defense strategy, companies should implement a social media policy to set standards for online interactions, enforce repercussions for social media misuse, and mandate cybersecurity awareness training for those involved in content publishing.

Sean Duca, Vice President and Regional Chief Security Officer, Japan & Asia Pacific, emphasized, “Ultimately, everyone should feel secure online. With the ever-present threat of cyberattacks in our personal and professional spheres, education is the cornerstone of ensuring the protection of our digital identities and business assets.”