Cybersecurity Business Law Blog

The Intersection of Cybersecurity, Business, and Law



Social Media Malware: What Is It and How do You Avoid It?

Guest Post by Cassie Phillips

You can’t have spent more than a week on the internet without hearing about malware and its adverse effects on your computer or even your smartphone (smartphone malware is on the rise as well). Perhaps you’ve even had to spend half a day cleaning it off your computer yourself. It is a menace, and it is dangerous considering the data it could potentially steal from your computer.

Malware has been around as long as the internet, but now that we have social media surrounding us wherever we go, some enterprising cybercriminals took it upon themselves to develop malware that directly targets social media and those related accounts. This leads to stolen data from social media accounts, much of which is personal in nature and can be used against you if not used to steal your identity. It also leads to takeover of your social media accounts, which is usually embarrassing and hard to recover from.


Here’s what you need to know about the threat:

What Makes It So Special?

Technically, not very much. Malware is often do diverse that it is hard to categorize it other than the effects is causes or its main targets. Social media malware isn’t magic or a special program only developed by the best hackers in the world, it is just a piece of software that intends to make your life miserable through your social media pages. Sometimes the term is used to describe malware spread through social media and at other times it is used to primarily categorize the target. Either way, the malware itself is not too different from the malware that attacked accounts or through websites before it.

Yet this does make it a very special kind of threat. If a piece of malware attacks your browser you can often simply delete it from your computer before it spies on too much or causes too much damage to your computer. Social media malware is different. It takes on a public edge. Whether it is malware you click on thinking it is a friend’s link or something you find somewhere else online that later posts on your wall it is a much more personal assault. Malware spam is usually not very polite about what it shares with family and friends, and can often disturb them.

Increasing Prevalence

The first thing you need to know is that it is becoming more common. More sophisticated cybercrime usually goes for breadth instead of depth when it comes to average consumer targets. Malware does take time for development, and the first wave had to tailor their product for social media. Now that all of the framework for malware has been developed, cybercriminals can now also spend more time tweaking instead of starting anew. This means more frequent attacks of different kinds.

Hackers probably could simply try to get into people’s accounts one at a time, but that isn’t cost effective and the automation and plague-like nature that malware has in its very nature means that a single cybercriminal can target a theoretically unlimited amount of victims. They can not only make a living and cause someone a bad day, but get rich and cause chaos doing so.

All of this coincides with increased rewards for those who successfully take over someone‘s social media account. With the monetization of social media people are linking credit card or even bank information to their accounts. This means that identity theft is easy for someone with the access to your account that social media malware can provide. Combining that with increased connectivity between people allowing for a quicker spread of the malware means that your Facebook account has a glowing red target on it.

Defenses and Preventative Measures

When trying to prevent social media malware from getting into your life you are by no means alone or hopeless. You should consider following the tips below to make yourself safer:

  • Use a Virtual Private Network (VPN) whenever you are going to use social media in public (this includes checking Twitter on your smartphone). Hackers love to intercept data over public networks and use it against you, and this can include getting to your accounts and computer and installing malware. This can lead to either the direct takeover of your accounts or easier targeting of them.

    A VPN is a service that connects your computer to an offsite server using an encrypted connection, keeping hackers out and your data in. It also hides your location from anyone tracking you. You will want to make sure that you are getting the very best available, so read up on ones that will work best with your devices while using social media.

  • Make sure that you are updating your online security suite (and if you don’t have one, please get one now) frequently. Malware comes out quickly, and you need to be up to date in your defense as much of the time as possible.
  • No offense is meant, bur some of your social media friends have no idea what they are doing. Do not accept their app invitations or engage in their chain posts. Many of them are traps. If they have a copy and paste message with a link, don’t pay any attention to it.
  • Try to maintain at least some degree of privacy on social media. The opinions of strangers rarely matter, and you certainly have better things to do with your time. What cannot be seen cannot be so easily targeted, and if you partition off the pointless parts of social media those parts can’t get to you so quickly.


Social media malware isn’t going anywhere, and you need to be able to defend yourself. Fortunately, with the above knowledge and the right tools to aid you, you will not have any problems with this common menace.

Do you have any other ideas on what to do about social media malware? Have you encountered any problems yourself? Any stories to share? We would love to hear about them. Please leave a comment below and let us know what you think.


Cassie Phillips is a frequent author and blogger. You can find more of her work at SecureThoughts.

A special thanks to Shawn Tuma for sharing this article. His website is one of those websites that simply impressed me when I first stumbled across it. The content gives loads of new information that inform my technology decisions. Readers will want to check out this recent video blog on cybersecurity and data breaches.


Excellus Blue Cross Blue Shield’s big data breach and the security lessons we all need to learn

Guest Post by Debbie Fletcher

There are two possible conversations that could be kicked off by the news of the major data breach at Excellus Blue Cross Blue Shield in which more than 10 million customer accounts were exposed. The first possible conversation is about internet security and what businesses and organizations of all sizes need to be doing in order to better protect the customers that have entrusted them with personal and financial information. The second possible conversation is about whether or not it is technically ironic that Blue Shield failed to prevent an attack.

Continue reading “Excellus Blue Cross Blue Shield’s big data breach and the security lessons we all need to learn”

Would increasing CFAA penalties via the CISA Amendment really even help? I don’t think so.

As the Cybersecurity Information Sharing Act (CISA) is making its way through the Senate, it has stirred up more controversy with Senator Sheldon Whitehouse’s proposed amendment to the Computer Fraud and Abuse Act (CFAA), that he argues, would give law enforcement more tools to fight hackers. The Amendment would provide for increased sentences (up to 20 years) of those who harm computers connected to “critical infrastructure.”

Continue reading “Would increasing CFAA penalties via the CISA Amendment really even help? I don’t think so.”

Rocky Dhir Interviews Shawn Tuma About Cybersecurity for Lawyers at State Bar of Texas 2015 Annual Meeting

I had the wonderful opportunity to visit with and get to know Rocky Dhir (@rockydhir) at the State Bar of Texas 2015 Annual Meeting in San Antonio. Rocky is the Founder and CEO of Atlas Legal Research, LP (@atlaslegal), “the world’s leading legal outsourcing company.”

Rocky and I did a brief interview where we talked about a lot of things — but also cybersecurity and, more specifically, cybersecurity for law firms. Rocky is a pro at this and he does them all of the time for the State Bar of Texas’ Texas Bar TV channel — and it really showed, but I had a great time doing it and, in the end, that’s what matters, right?

Thanks Rocky!

Bleak Cybersecurity Future: Data Breaches on Track to Cost Companies $2.1 Trillion

I recently posted about how corporate general counsel now view cybersecurity as a top 3 concern. At this rate, it will soon be their #1 concern. A recent article in Corporate Counsel gives several reasons for why this problem will only continue to increase in volume, expense, and overall risk to companies:

  1. Companies continue to move more infrastructure online
  2. The annual cost of data breaches is projected to rise to $2.1 trillion by 2019
  3. Cybercriminals are more often hacking for profit instead of for “causes” as with hacktivism
  4. Nearly 60 percent of data breaches in 2015 are anticipated to be in North America
  5. The average cost of a data breach is projected to exceed $150 million by 2020
  6. Companies are developing quantum computers with so much power they will render ineffective all currently known defenses

Not only should corporate general counsel be concerned about cybersecurity, but so too should companies’ officers and directors because there is a growing trend toward liability for them as well.

Read more: Data Breaches on Track to Cost Companies $2.1 Trillion | Corporate Counsel.

Blog at | The Baskerville Theme.

Up ↑

%d bloggers like this: