The Dark Web Goes Social

Over the last decade, social media platforms have grown to become an integral part of not just our daily private lives, but also our public lives. For fraudsters, the same has become true as social media platforms provide the scalability, anonymity and reach necessary for them to peddle stolen goods in virtual storefronts.

The spread of cybercrime activity on social media is a trend that continues to grow. There are several reasons fraudsters, like legitimate users, are attracted to social media platforms as “control stations” for their social lives and even their businesses. The mass communicative properties of these networking programs bridge physical divides and distances to allow seamless sharing of ideas and information. On top of that, many platforms provide additional benefits to users looking to maintain an exclusive space for a specific purpose that remains unknown to those not trusted enough to be part of the circle:

• Built-in Anonymity. The use of representative screen names and subjective identity information such as a user profile, allows malicious actors their initial layer of confidentiality. Given the ready availability of webmail, and its nonexistent identity verification requirements, not only can malicious actors have one anonymous account, but they can – and often do – have dozens or more, ready to be activated.

• Exclusive, Invite-Only Structures. Explicit invite-only and group-management functionality inherent in nearly all social media platforms are valuable to fraudsters whose primary concern, even above making money, is to remain unknown to any who would foil their plans, or report them to authorities.

• Mobile Integration. Early social media platforms had to be optimized for mobile. Today’s apps are engineered to be viewed as hand-held dashboards of their users’ lives. Mobile-enabled social platforms allow real-time monitoring and access to all information on the network, from anywhere with cellular access or WIFI, enabling fraudsters to be nimbler than ever in making deals and dodging authorities.

Across the range of platforms, there are some interesting trends that may be useful in evaluating the current status of social media fraud marketplaces. For example:

• Extended Feature Sets. In the past, there was a clear distinction between instant messaging platforms and social media. However, during the last few years, those same platforms which have been used solely for the purpose of peer-to-peer communication, have evolved into something more and are used in the same way as social media.

• Multi-platform Models. All fraud groups in social media can be thought of as one uniform sphere, with fraudsters often advertising groups/contacts from one platform in another one, and alternating between two or more platforms even during conversations. Moreover, the content shared in the various social media groups is inherently similar, and mainly serves to increase the fraudsters reputation and customer base.

• Criminals are users too. While there are differences between the platforms and particular reasons to choose one over another, fraudsters generally behave like typical social media users: most try to be represented on as many platforms as possible to reach as wide an audience as possible, to maximize their marketing and visibility.

Conclusion

Until the next round of law enforcement or corporate action to regulate malicious activity takes place in these spaces, a criminal shadow hangs over social media in general, and most certainly in the case of social media fraud markets. Modern cyber thieves will continue to look for the most effective and efficient ways to cash out stolen financial and identity information while blending in with the billions of other users and accounts on their preferred platforms.

In the meantime, understanding the draw of social media in general can help us understand its attractiveness to the criminal element, and in turn, it informs our efforts to combat misuse and to justify our continued financial and social investment in these new information technologies. Social media is an enabler for business, but it also presents a growing digital risk to consumer-facing organizations. Keeping track of and reporting on the adoption and utilization of these platforms by fraudsters is imperative to keep all interested parties—including the public—aware of this very real problem.

Get the full details on the social media platforms facing this fast developing digital threat and the types of cybercriminal activity occurring on them. Register for the webinar, “The Social Media Fraud Revolution,” or access the latest RSA Quarterly Fraud Report.

About Mathew Long

Mathew Long is a Sr. Advisor for the RSA Fraud and Risk Intelligence division. Mathew leads the global go-to-market efforts for RSA’s consumer authentication and fraud intelligence solutions. Mathew is a prolific blogger and a regular presenter at industry events and media engagements. For the past six years, he has focused on working with leading financial institutions on anti-fraud and cybercrime prevention strategies to reduce fraud and improve customer experience.

About RSA

RSA, a Dell Technologies business, offers business-driven security solutions that uniquely link business context with security incidents to help organizations manage digital risk and protect what matters most. RSAs award winning cybersecurity solutions are designed to effectively detect and respond to advanced attacks; manage user identities and access; and, reduce business risk, fraud, and cybercrime. RSA protects millions of users around the world and helps more than 90% of the Fortune 500 companies thrive in an uncertain, high-risk world.