What Financial Services Institutions Should Know About Social Media RiskPOSTED BY LIZ BUSH
Three out of four banking customers surveyed agree or strongly agree that social media is important to their banks, with Facebook, LinkedIn, Twitter, YouTube and Instagram being the most popular platforms. However, few FinServ security teams incorporate these numerous threat vectors and data sources into their threat model. Taking advantage of the limited visibility and control these institutions possess to detect and remediate these risks, cybercriminals happily exploit these social and digital channels where vulnerable businesses and customers engage.
According to ThreatQuotient partner ZeroFox, some of the most prevalent social media threats FinServ organizations face include:
Money-flipping scams. The scammer leverages a financial institution’s brand and uses Instagram to entice the victim to make a small up-front investment ($100-$500) with the promise of big financial gains, and the walks away with the money. Research by ZeroFox finds the number of scams has soared in one year from 4,500 to 340,000.
Spoofed accounts and impersonators. The cybercriminal studies the financial institution’s official company account on Twitter, Facebook or LinkedIn, for example, and creates a replica with slight variations that are nearly imperceptible. They then use the account to dupe customers into sharing information that allows them to gain access to bank accounts and/or credit cards.
Social spear phishing. These attacks are highly targeted. For example, ZeroFox discovered a cybercriminal who had observed a bank customer requesting help with their account over Instagram and then targeted them with a spoofed post offering assistance. The customer shared their credentials and the criminal used that information to drain their accounts.
Each of these threats costs the industry millions of dollars, not just to reimburse customers, but to keep them, overcome damage to the brand and attract new customers.
What to learn more? Download our new whitepaper co-authored with ZeroFox, “8 Tips Every FinServ Institution Should Know to Mitigate Social Media Risk,” to further explore the most prevalent types of threats and scams targeting financial institutions over social media and digital channels. You’ll also get a checklist with 8 tips to help security teams mitigate risk to their institution, brands, employees and customers.