Social media platforms, individuals and organisations all need to improve their security practices in order to prevent cryptocurrency scams, like the one that saw the British Army’s Twitter and YouTube accounts hacked this weekend, cybersecurity experts told Tech Monitor today.
“Prevention is an all-hands task,” said Rich Sanders, cybersecurity expert at CipherBlade, a firm that investigates and tracks Bitcoin and other cryptocurrencies in cybercrime cases.
Successful account takeovers (ATOs), such as the hack on the British Army’s social accounts, are relatively rare, Sanders said. More common is impersonation fraud, in which scammers set up fake accounts purporting to belong to high-profile people.
In both cases, while it is impossible to say how successful these attacks are, Sanders said: “All it takes is one victim to make the resources for impersonation fraud worth it.”
Social media platforms need to be more proactive in preventing account takeover attacks and deleting fake accounts, Sanders argued. “There are literally tens of thousands of fake Elon Musk and [Ethereum founder] Vitalik Buterin accounts on Twitter, and this has been the case for years.”
They also need to be quicker to block fraudulent ads and promotions, he said. “These scams are reported quickly and it does not require advanced training to determine which of these is or is not a scam.”
But it is not just the platforms that are at fault, he added. For a prominent organisation such as the British Army to fall victim is “inexcusable”, he said. “I’m not saying this to victim-shame, I’m saying this to be realistic and pragmatic.
“There is immense value in these accounts which far exceeds the prospects of scamming people,” Sanders explained. “Imagine if, for example, those accounts were used to spread misinformation?
“They got lucky it was just used for a crypto scam,” he said, suggesting an ATO by Russia-aligned hackers could have been more damaging.
How to prevent social media hacks
The social media accounts of high-profile organisations may be vulnerable due to lax management of security credentials, Steven Dickens, senior analyst at Futurum Research, told Tech Monitor.
“Oftentimes, junior social media managers are sharing credentials to the accounts and are therefore relatively easy for hackers to compromise through phishing or social engineering attacks,” Dickens said.
In 2020, the UK’s National Cyber Security Centre (NCSC) published advice for organisations on securing their social media accounts. This includes implementing a ‘sound password policy’ to ensure only authorised individuals can access accounts, and activating two-factor authentication.
NCSC advised that social media management tools, which marketers use to schedule and analyse social media posts, “should be given the same amount of protection as access to the social media platform itself”.
Organisations should also draw up a crisis response plan to prepare for a social media hack, NCSC said. “If your social media channel is hijacked by an attacker, your priority should be regaining control of the account to contain any damage, rather than trying to correct any malicious content that’s been posted.”