With the average Australian logging into 6.1 platforms each month, it’s clear social media is a key part of our lives. But unbeknownst to many, our favourite apps are also increasingly becoming a playground for scammers looking for easy ways to infiltrate systems and cause harm, with the rise of ChatGPT and AI-enabled content creation only heightening the risks that organisations and employees face.
How cybercriminals are using social media to put businesses at risk
Sean Duca, VP and Regional Chief Security Officer, Japan & Asia Pacific at global cybersecurity leader Palo Alto Networks, has shared some insights on how threat actors are weaponising social media and what organisations can do to better protect themselves:
“Social media is an integral part of how many of us live. But while the ability to express ourselves and connect with others online has impacted us positively in many ways, it has also led to an influx of cybersecurity risks, and recent technological developments have only heightened these threats,” says Sean Duca.
“As technological advancements have made AI-enabled content creation more accessible, it’s easier than ever for hackers to mine social media for images and videos that can be manipulated into content that can be used for extortion, harassment, misinformation and reputational damage. Effective fake content, known as deep fakes, can make it appear that a public figure confesses to a crime or is caught in an inappropriate act. When disseminated through social media, it can instantly reach millions.
“Similarly, the popularity of AI chatbots has also made it an easy lure for hackers, who use ChatGPT-themed links to spread malicious software on platforms like Facebook, Instagram and WhatsApp. How easy might it be to see a post claiming to offer a browser extension that enables ChatGPT-based tools, click on it and accidentally download malware?
But while AI-related threats are on the rise, it’s important to remember that taking advantage of user behaviour is often the easiest way for hackers to penetrate a system’s defences. Social media usually involves establishing connections without necessarily needing authenticity, making it easy for malicious actors to gain your trust and encourage you to take an unsafe action, such as divulging personal information or downloading a harmful attachment.
Ultimately, our online threat landscape is continually growing. And with social media unlikely to go away anytime soon, World Social Media Day reminds us to take ownership of our cyber education and be mindful of how we use social media.
Our top tips for safe social media use include the following:
- Ensure the software you’re using is up-to-date: From your operating system, browser, and all the applications you might be using, ensuring your devices have the latest versions installed can go a long way in reducing the risk of running into known vulnerabilities and malware.
- Avoid using the same password: Use a strong password and change it often, and where possible, turn on 2-factor authentication.
- Change your privacy settings: This will limit the amount of personal information that is accessible publicly.
- Don’t trust every message, post or profile you see: Malicious actors may often try to reach out and trick you into doing something unsafe. Practise good cybersecurity hygiene and be wary of clicking unfamiliar links or attachments or divulging information to people you don’t trust. For businesses, this means employing a Zero Trust security approach that removes the implicit trust of users and devices and continually opts to validate every stage of digital interaction.”
Also read: McAfee launches powerful new online protection solution for small businesses
