Real-time Social Media Security Monitoring
Social media threat monitoring is exactly that, proactively using social media to identify and analyze security threats that originate online in the public domain. These threats include everything from negative sentiment identification to explicit threats targeting personnel.
Real-time social media threat monitoring is not as simple as it sounds. For every solution, there are unforeseen issues. For example, if you have an organization whose name contains a common word or phrase, threat monitoring tools can easily inundate a security team with extremely high volumes of information, most of which is entirely irrelevant.
Thus, by understanding the threats that social media may pose, irrelevant results can be filtered out leaving only the most relevant information to be assessed. In addition, developing customized, tailored keyword lists to apply against the organization’s search terms provides references points for large-scale monitoring and alerting, to ensure only the most relevant threat information is received in a timely manner.
Security Threats Posed by Social Media
The social media landscape is vast, and the range of potential threats against a given organization or individual are massive.
Below are six of the most common security threats on social media that should be monitored in real time. These are only a description of the threats presented by social media in the broadest of terms. Within each category are multiple subcategories and further aspects to consider when attempting to prepare defenses against each threat type.
- Behaviors of Concern – Violent intent is often shared on social media. Posts using violence terms and threatening sentiment, paired with mentions of an organization can create an immediate security issue. Identifying behaviors of concern, before the escalation to violence may give an organization the time to intervene and potentially change the would-be outcome .
- Oversharing – One of the greatest dangers presented by avid social media users, especially those who leave their location settings turned on, is that they unwittingly (and sometimes fully wittingly) share details about their locations, plans, and other information that shouldn’t be made public in a manner that allows potential adversaries to track them.
- Phishing – Social media phishing often involves using a malicious link to distribute malware, spam, or other threat against an individual’s computer. This is very common when an angler phishing campaign (masquerading as a customer service account on social media, hoping to reach a disgruntled consumer) spoofs a customer support account and intercepts customer queries.
- Reputation – Individuals or groups may seek to tarnish an organization’s reputation by making comments about the organization’s products, services, or personnel. Thanks to review aggregators and micro blogging platforms, these negative reviews can quickly mushroom into major headaches for an organization that relies on customer trust to produce and maintain its revenue stream.
- Account Hijacking – Account hijacking occurs when a threat actor takes over a social media account and uses it for malicious means, whether using the account to tarnish the organization’s reputation or to conduct other sorts of unseemly online activities. Although account hijacking is relatively simple to recover from, the damage done may have lasting impacts detrimental to the organization.
- Impersonations – Whereas account hijackings require the use of legitimate login credentials, impersonations do not, and therefore are much more dangerous. Impersonations can occur when a threat actor pretends to be both individuals and organizations, often seeking to either tarnish a reputation, cause general chaos and confusion, or set up an angler phishing campaign.
Security Keyword Lists Built with AI can Help
One of the most difficult aspects of social media threat monitoring is understanding how to properly configure wordlists and apply those lists to a search. Developing synonym lists for all the various threats that may target your organization is a time-consuming process that is highly difficult to fully implement properly. Then, when considering all of the different facets of threat types that may appear across the social media landscape, the task becomes even more daunting.
Odin’s utilizes a threat monitoring tool with several pre-configured wordlists along with the option to build custom wordlists. We apply wordlist filters against a client’s search terms and the results show only what is most relevant to the organization. What makes these wordlists powerful is that they are built by deep learning algorithms to provide the proper filtering needed to prevent a blind spot.
Click here to learn more about how Odin Enterprises can immediately support your real-time threat monitoring needs through Odin Threat Visibility.