Today, over 3 billion people use social media, and the number of users has increased by approximately 9% every year, writes Martin Mackay, Senior Vice President, EMEA for Proofpoint.
Many companies, 78% in fact, have a dedicated social media team charged with engaging directly with customers and promoting the brand online. So why is it that 83% of customers have reported bad experiences with social media marketing?
In recent years, there has been widespread concern that misinformation on social media is damaging societies, institutions, and brands. Notably, the 2016 US Presidential elections were tainted with accusations that Russian hackers interfered with election-related computer systems infiltrating more than twenty states. Russia also took its influence campaign to highly trafficked social media channels, including Facebook, Twitter, and YouTube, hiring hundreds of trolls to post false news stories on these platforms. The hackers created thousands of fake accounts that posted anti-Clinton messages, which fueled anger and suspicion and may have even helped sway votes.
Whilst social media misinformation is most famously associated with election interference, these campaigns are also consistently used by cybercriminals for financial gain. To get an idea of the scale of the situation, the Methbot scheme, for example, spoofed 6,000 domains and stole $5million in fraudulent revenue per day. The fraudsters created an army of bots to watch as many as 300 million video ads a day, with an average pay-out of $13.04 per thousand faked views. Major publishing brands including ESPN and Vogue were affected. The sophistication of the hack provided the bots with the ability to replicate the actions of real people, with faked clicks, mouse movements and social network login information.
Today, brands can engage digitally with customers around the world on a multitude of devices such as a smartphone, tablet, laptop, watch, TV and more, in real-time. These digital interactions create data about everything, including customers, employees, and third-party suppliers on all kinds of devices, on-premise and in the cloud. No matter where it resides, this data is valuable intelligence, which can be targeted by cybercriminals to easily create fake social media accounts or profiles that appear to represent the brand — a technique known as angler phishing. Recent research has shown that social media support fraud, where cybercriminals create fake customer support pages spoofing a well-known brand in order to intercept personal data, is on the increase: up by a staggering 442% since last year.
Customers Engaging with Brands
With more and more customers engaging with brands through social media and digital channels, it is now more critical than ever that organisations consider their exposure to digital risk and the potential impact to their business. As digital technology evolves, so do cyber criminals’ techniques to exploit the gap between a company’s digital engagement and the ineffective security controls. From cyber threats like malware and phishing attacks, malicious content, brand impersonations and stealing intellectual property, to data exposure where your customers’ credentials or your sensitive corporate data is breached; digital attacks expose your company and customers who place their trust in your business to a range of security threats and compliance risks. For brands finding themselves spoofed and unwittingly implicated in these schemes, they also face a serious negative backlash on the perception of their brand.
Social media involves all organisations operating today, whether they are active participants in a digital channel or not. Your company should know in advance how it will respond when threats to brand reputation emerge in the social sphere – be it a fraudulent mobile app or social page masquerading as official, a doxing attack where personal information about an executive is publicly shared, or abusive and offensive content targeting your brand. If you wait until brand damage occurs, it will be too late.
Managing a brand’s digital presence has traditionally been a manual, ad hoc effort. Processes are often reactive and focus only on a specific channel. Given the breadth and seriousness of the digital risks to brands and customers, monitoring and protecting your organisation’s footprint is critical across all channels: social media, employee social selling, web domains, mobile apps and deep and dark web.
To do so, you will need a three-prong strategy. First you need to discover threats, meaning actively scanning all digital channels 24/7 to assess the risk your brand is facing online. Second, you need to use technology to consistently monitor your brand’s digital footprint to ensure it is secure. Third, you need to have adequate measures in place to proactively protect the brand from fraud, attacks and malicious content to avoid a full-blown crisis that will inevitably damage the brand’s reputation.
Increasingly, the fate of a brand’s reputation depends on how well that brand presents itself online and across social media channels, so it is imperative that cybersecurity strategies stretch far beyond the internal network in order to protect against the new breed of social media cyber threats.