The dark side of social media

 ·23 Aug 2013

A security software firm has alerted to a growing trend whereby cybercriminals use social media platforms like Facebook to deep mine data for cloning purposes and ultimately steal money from unsuspecting users.

Security software provider, Intact Security says that over the past few months, hundreds of South Africa’s approximately 6.19 million registered Facebook users have become the victims of cloning.

This practice, which is also known as deep mining, is when cybercriminals lift a user’s name and profile picture from their existing account to create a duplicate Facebook profile from which they then send messages to the victim’s friends asking them for money.

“This is such a popular scam since it is low-tech and easy. Hackers either obtain your password illegally when you click on external links, apps or games; or they simply and copy and paste all your public information,” said Intact Security MD, Lutz Blaeser.

“Alternatively, depending on your privacy settings, they can send you a friend request. Once you accept, they start copying all your information and pictures to create an exact replica of your profile.”

Blaeser says the purpose of this is to steal money, however, he warns that it can also lead to identity theft and spam being sent from a users account.

Further, the company lead notes that it is not only Facebook users who should be on the look-out. Hackers are wreaking major havoc on other social media platforms as well.

In April, the Associated Press (AP) news agency fell victim to hackers who sent out a breaking news tweet to the agency’s almost two million followers claiming that there had been two explosions in the White House and that U.S. President Barack Obama had been injured.

Within minutes, the untruth had been retweeted thousands of times, the stock markets dropped by $136 billion in value and the Down Jones Industrial Average fell almost 150 points before a correction was made.

“Although AP is not the only high profile corporate Twitter account that has been hacked, they experienced more damage than some of the other victims,” Blaeser said. “First of all, their credibility and reputation were harmed – even though the false tweet wasn’t the handiwork of an AP staffer.”

“Secondly, Twitter suspended their account for around 24 hours to prevent the hackers from posting again. Although understandable, the closure caused the news agency to lose many of their followers as well as many potential clicks to their website, since they normally use Twitter to link to their news articles.”

Blaeser advises that the time from when a breach occurs on any of your social media accounts, and when it is discovered and caught, is crucial to minimising the damage.

According to the MD, there are steps that social media users can take to protect their accounts from being hacked into.

“Enable two-step authentication wherever possible, never use the same password for different accounts, and install and use a good anti-virus software on all devices from which you access your social media accounts,” he said.

More on social media and hacking

Cyber fraud targets social media

Online banking a sweet spot for cybercrime

Cyber crime running rampant, “with impunity”

Beware bump and infect swindle

$1 trillion global hacking cost exaggerated: study

Show comments
Subscribe to our daily newsletter