As anyone with a newsfeed will tell you, fake social media accounts have been on the rise in recent years. A recent study revealed nearly 8% of Instagram accounts are spambots. A problem for marketers, sure, but it’s even worse for you. Creating a robot network, or botnet, used to involve hacking into thousands of computers and wresting control of them from their unsuspecting owners over a long period of time. Cybercriminals have now discovered an even easier and faster way to create their malicious networks that will carry out their malicious plots: the social botnet.
Unlike traditional botnets that directly infect computers to create networks, social botnets use social media platforms to create a network of fake profiles linked together to spread malicious links and content. To do this, cybercriminals either create hundreds of profiles themselves or use specially designed software programs to create and multiply false personalities.
James Foster, a longtime cybersecurity pro, has an excellent breakdown on social botnets and how they work. According to Foster, there are five distinct ways social botnet “herders” promote their wares. I’ll break down three of the most common—phishing attacks, retweet storms and hashtag hijacking.
Phishing attacks, in which cybercriminals pose as a trusted source to trick victims into giving up sensitive information, are often launched via email. Increasingly, however, they’re coming through social channels. This includes Facebook messages or Twitter replies and direct messages. Most people know how to spot these types of phishing messages, but botnet operators play a numbers game; send out thousands of messages on social media platforms and a few unsuspecting users will wind up being snared.
Another way cybercriminals disseminate malicious links is through retweet storms. In this scenario, a single fake profile will create a post containing a malicious link. Thousands of social bots connected to the profile will then retweet the post to reach the widest audience possible, aiming to lure in unsuspecting victims through the post’s staged popularity.
Social bots can also be used to infiltrate conversations on social networks centered around trending hashtags. Cybercriminals will command their social bots to create thousands of posts containing the trending hashtag along with a malicious link, knowing that someone will wind up clicking.
So, how are these social botnets being monetized? The social bot herders mainly make money from the data extracted through their malicious expeditions. They often sell this data to cybercriminal networks, or use the data themselves to access victims’ credit cards or bank accounts. Other times, hackers use the malware installed on computers through a social botnet to create a traditional botnet. They can then rent that botnet out to cybercriminals, or use it themselves to hack into other computer networks.
Simply put, social botnets are on the rise and there’s little to we can do to stop them at this time. There are, however, tactics you can use to keep yourself safe online:
- Enable two-factor authentication. I’ve discussed the benefits of two-factor authentication repeatedly, but it truly is one of the best ways to protect yourself. It protects accounts by asking you to provide verification with something you know (like a password) and something you have (like a smartphone). It’s one of the strongest methods of preventing unauthorized access to your information, and can help keep cybercriminals out of your accounts in the event of a social botnet attack.
- Beware of suspicious messages. Phishing attacks often rely on a victim’s trust of a company or organization, but most attempts are detectable. Grammar mistakes, messages from strangers or a strange request from someone you haven’t talked to in years are good indicators. If you’d like to brush up on your phony message detection skills, try our Phishing Quiz here.
- Use comprehensive security. Most attacks hinge on the ability to install malware onto your device. Thankfully, you can protect all of your devices from this malicious software with comprehensive security solutions like McAfee LiveSafe™.