The popularity of social networks is ever increasing.The social networks useful for making new friends, forming new contacts, research collaboration, information sharing, political campaigns etc. The some of the social networks such as LinkedIn and Xing are used for career-oriented professional contacts where a user can discover business connections, while others, such as Facebook, Twitter, MySpace and Orkut etc are friendship-focused and are primarily used for communication, photo and video sharing and entertainment.
The social networks such as Facebook and twitter facilitate interactions between millions of users in the world. Although they play an important role in shaping the way we socialize, they do not concern about the possibilities of dangerous incident and attacks through the use of the networks.
On the other hand, social media sites generate revenue from targeted advertising that is personalized for each user based on age groups, interests, hobbies, relocation, demographics, etc. The social networks also encourage their users to share as much information as possible and the users happily post and publish information about the places they visited, the people they met or going to respond, check-in, check-out, attending events and other personal data. Also, they also use various applications such as social games available in the social network to further their information sharing.
The more active the user is, the more valuable for the social network and the advertisers who put advertising on it. The social networks want users to share more information; they make it difficult for users to set their privacy settings, consequence, most users do not take the time to change their privacy setting property and leave it the default settings on that may come with sharing private and confidential information.
They fail to realize that their personal information quickly becomes available not just to their friends and family, but also to fraudsters who abuse the information for malicious purposes. It’s easy to forget that the information we share and the trust we build with our network is precisely what cybercriminals are after.
The cybercriminal constantly searches of new ways to make money that is how to find the means to collect the confidential and private personal information and monetize through the use of such information available on social networks and media. The cybercriminal can be used the following methods tomonetize information obtained from the social networks:
Collecting personally identifiable information from user profile pages of the social network
This is a very essay way to gather detail private personal information from the profile page of the social networks.
The user profile page of the social network contains information about the user’s date of birth, relationship status, current location; schools attended and place of work etc. Studying the previous posts, it is easy to figure out family relationships, friend circles, interests, hobbies and much more. Collecting this type of personal identifiable information doesn’t require any sophistication and intelligent tools from the fraudster.
Obtaining social network payments settings’ information
Another way that the cybercriminals and the fraudsters can monetize information available on social networks is by accessing the payment information that may be stored on user profile pages. To monetize the payment information, cybercriminals use compromised account login credentials that can be obtained through common phishing or malware attacks, and malicious social applications.
Abusing business-consumer trust relationships through fan pages
The use of social media changes the way consumers think and react to products, services, and everyday life. Engaging with consumers online helps build trust and drives business and product success. Therefore, it is essential for businesses to stay involved with their consumers over social media fan pages that is a facebook page. Once a cybercriminal gains control over a public brand’s social network presence, it is easy to lure consumers to phishing sites, where they will be asked to submit their credentials. For example, if a consumer visits a compromised fan page of a bank and clicks on a phishing link, the consumer can be routed to a fake login website where he or she will provide his or her bank account details to the cybercriminal. The cybercriminal can then sell the information to other fraudsters or use this information to commit fraud.
Author: Cyber Security Expert (Mr. Dilli Pd. Sharma)