

Social media channels such as Facebook, Twitter, Instagram and YouTube have emerged as attractive gateways for cybercriminals. Other platforms are also becoming hotbeds for hacking, such as social news sites like Reddit and review sites like TripAdvisor and Yelp. Close to home in Florida, the Pentagon learned the perils of social media exposure when the Twitter and YouTube feeds of the U.S. Central Command in Tampa were breached by apparent sympathizers of an Islamic State militant group.
What makes social media platforms so desirable? One easy answer, according to Chief Privacy Officer (CPO) magazine, is that “these sites make it very easy to share and pass on just about anything – and that includes malware.” On average, social media platforms have 20% more methods for scamming consumers than other internet sites; techniques like advertisements, sharing buttons and plug-ins. In addition, most people have hundreds to thousands of connections on social media making it very convenient to distribute malware to a wide audience with few negative consequences. Additionally, the same type of human error that causes people to click on links sent to them in emails is exponentially greater on social media platforms because people are more likely to consider themselves among friends.
Hacking social networks requires very little technical skill. Bad actors simply use the information available on personal profiles to win a complete stranger's trust. “Cybercriminals exploit the personal details we share online to trick or impersonate us—piecing together every photo we post, location we check into, person we tag, or pet photo we upload to build an understanding of their targets,” explains Fast Company, a business magazine that focuses on technology and business. “The social engineering scams they create are designed to entice people to download malware, send money, share personal information, or disclose log-in details.”
Examples of how hackers use social media to commit cybercrimes include:
Social media hacking happens more often than you think, according to Dr. Aaron Brantly, director of the Tech4Humanity Lab at Virginia Tech who studies the impact of technology on the human condition. “The numbers are very hard to come by on almost all social media platforms because they keep those very close to their chest,” he said. The motivation is usually financial or malicious.
The scope of social media scams is limited only by the imagination of the cybercriminals and once your account is hacked, there’s not much you can do about it. Your best defense is a good offense. Here are some ways to protect your firm from social media hackers:
There are a reported 4.62 billion social media users today and 22% have fallen victim to a security-related incident. Many are businesses that use some combination of social media for recruiting, marketing and customer service purposes. Others could be your employees who use personal social media accounts on business devices and transmit posts, videos, and messages over your network. Now, more than ever, CPA firms should assess their cybersecurity risk from social media and take steps to mitigate it, from auditing social media use and deploying a cyber secure IT infrastructure to ongoing employee training.
As an endorsed program of the FICPA, Coaxis offers special member pricing for its CPA program package. To learn more, visit www.coaxiscloud.com/ficpa or contact Lisa Bryant, executive vice president of corporate development, at (850) 391-1022 or lisa.bryant@coaxissolutions.com.
The Florida Institute of Certified Public Accountants (FICPA) is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: NASBARegistry.org.