This blog is drawn from the Digital Shadows’ Social Media Monitoring Solutions Guide, which provides best practices for security teams who want to derive value from social media sources. 

Social Media Monitoring Overview

For most businesses, social media is a crucial channel for building a brand, generating new business, and resolving customer issues. Unfortunately, it is now also part of the ever-expanding attack surface.

Social media provides malicious actors a new channel to lure users into clicking on phishing links to harvest their credentials or allow for downloads of malicious attachments. 

However, social media equally offers security practitioners a vast and potentially hugely valuable source of intelligence about threats. 

For both of these reasons, social media is considered to be a vital source of collection for any threat intelligence or digital risk program.  

Collecting from Social Media

When we think about social media, we often think about three or four specifically: Twitter, LinkedIn, Facebook and Instagram. Depending on your threat model and operating geographies, it may also be necessary to monitor social media platforms popular in other countries, such as Sina Weibo and WeChat (China), and VK (Russia).

Some extend to messaging platforms, such as Telegram, IRC, WhatsApp and Discord.

Collecting from social media sources is not always a straightforward process, especially for sites that have significantly reduced the ability to pull data. Our Social Media Monitoring guide, however, dives into some free resources you can use to overcome these challenges. 

Top Security Use Cases

Wherever you chose to look for social media data, it’s imperative that you focus on specific use cases. Given how much data is out there, it can be tempting to expand into more marketing and brand-centric use cases (i.e. sentiment analysis). However, for security teams it is important to focus on just those areas pertaining to cybersecurity. 

In the guide, we outline four of the most common use cases security teams focus on:

  • Spoof Company Accounts. Fake accounts set up to phish customers, most commonly on Twitter and Facebook.
  • Executive Impersonation. Target attacks against your VIPs, often on sites like LinkedIn.
  • Account Takeovers. Password reuse that can leave any social account open to takeovers.
  • Track Threats and Trends. Making use of the amazing community of security researchers to gain valuable insight into the threat landscape.

Download the Social Media Guide for More

I hope this short blog gives you a good idea of what to expect with our new Social Media Monitoring Solutions guide, which I would urge you to download a copy of.