"Different generations view social media differently," said Autumn Knowles, residential and business telecommunications specialist at Viasat Savings.
"For example, when we asked people why they keep an app rather than delete it, most respondents agreed that it was to stay in touch with friends and family," Knowles added. "Only GenZ respondents were more likely to keep certain apps because they use them to log into other online accounts. GenZ differs from other generations in that they view their social apps as online tools rather than as a means to stay connected to others."
The study did find that 71% of respondents took the time check their advanced privacy settings when they joined a social media platform. "We didn't expect such a high number of people (71%) to check their advanced privacy settings," Knowles noted. "It's a good sign that people take control of their privacy settings when given the opportunity."
In addition, 50% of respondents in the Viasat Savings survey said they updated their privacy settings in the last year due to privacy concerns. "With 2019 being notorious for cyberattacks and data breaches, it's no wonder that half of respondents decided to tighten up their social privacy settings," said Knowles.
Social Media As The New Hacking Target
However, even with the above efforts – experts agree that everyone should be more diligent about privacy. Just this week the personal information of an estimated 100,000+ social media influencers was compromised and/or partially leaked following the breach of social media marketing company Preen.Me.
According to a report from RiskBasedSecurity.com, more than 250,000 social media users may have also had their information fully exposed on a deep web hacking forum.
The leak was discovered on June 6, 2020 when a known threat actor posted on a popular deep web/dark web hacking forum that he/they had compromised the Preen.Me system and were then holding the personal information of more than 100,000 affiliated influencers for ransom.
This type of attack is shocking, but security experts say it really shouldn't be. Social media, especially amongst influencers has been about "sharing" and this includes over sharing, often of personal information. "While people generally focus on breaches that involve passwords, credit card numbers, or other financial details, breaches of this magnitude that compromise a significant amount of personal information cannot be ignored," said Erich Kron, security awareness advocate at KnowBe4.
"It is important to understand that not only was the information about the individual stolen, but other data such as Facebook friend lists and additional data that could even put others at risk," added Kron. "Given the volume of information lost here, it is important that the organization contact victims as soon as possible and that they provide a statement about the breach, something they have not done yet."
Doxing On The Rise
KnowBe4's experts have warned that the practice of doxing, or releasing personal information about people's addresses, phone numbers or even employers, has long been looked upon as grievous offence in the cybersecurity community due to the potential impact is can have on the victims.
"This breach has released the same information about hundreds of thousands of victims who also are now at risk," warned Korn. "The 253,051 records that contain information such as Facebook account names and associated friend lists is a gold mine for social engineers. This information can be used to create fake lookalike accounts that can then be used to attack these friends. It is not uncommon to see these attacks used, often through a friend request or a message request that makes the user believe they are speaking to the real person, to spread malware or perpetrate other scams."
While such acts will likely rise, cutting ties on social media need not be the answer. Instead, everyone – influencers included – should be wary of the practice of over sharing while personal details should remain persona. In the meantime, those recent victims will need to be especially attentive.
"These victims of the breach should be very vigilant toward future emails, text messages and phone calls," said Kron, adding, "as these are prime attack techniques for this type of information."