Introduction
Humans value privacy and often desire to control who knows about them. People are undoubtedly uncomfortable with their personal information being accessible to anyone at all times.
Today, advanced information technology and big data are widespread, with massive technology companies storing exabytes of data. Such corporations possess the technical capabilities to collect, search, and store large quantities of data, including internet searches, electronic records, and telephone conversations. Furthermore, their business models are based on monetizing customers’ private data through targeted advertising (Jain et al. 2158). Recent technological advancements, such as social media and other technologies, threaten privacy by compromising consumer data control and exposing customers to negative consequences associated with personal data.
Overview of Social Media and Other Technologies
Concerns over the privacy of social media and technology users have spiked recently. Data breach incidents have alarmed users of social media and other technologies, prompting them to reassess their use of these platforms. The security of personal information is essential to the success of technology companies. As a result, a breach of private consumer data can destroy a company’s reputation and negatively impact affected customers (Kumar and Somani 128).
The exploitation of more than fifty million Facebook users to influence the 2016 presidential election highlights the grave consequences that social media and modern technology expose the public to. In addition, the breach of Facebook users’ data shows how bad actors exploit private data to manipulate many people’s opinions to benefit a few (Van den Hoven par. 1). For instance, Russia’s Internet Research Agency was accused of meddling in the 2016 U.S. election by spreading disinformation on social media to stir up distrust and conflict.
Organizations and individual consumers view privacy differently depending on their understanding. Users of social media and modern technologies often assume that their private data is not viewed or used by firms for their own benefit. In other cases, social media and technology consumers recognize that their data may be used for advertising purposes but lack the incentive to stop using such services. Social media and other technology companies often confuse users with vague privacy policies.
As a result, consumers are forced to accept unclear terms and conditions, making it easy for such firms to collect data with limited regulation (Van den Hoven par. 10). Ultimately, consumers should understand that their information is a product for many companies. Thus, they should evaluate the cost-benefit analysis of a particular service.
Reasons Behind Privacy Issues
The massive number of internet users allows attackers to compromise their privacy. There are about four billion users on the internet, with YouTube and Facebook having the highest number of users. Most of these users upload their multimedia content on the internet, making them vulnerable to aggressors. Social networks and other online technologies are the new digital milestone that attackers can use to target their victims (Jain et al. 2165). Attackers use social media and modern technologies for three reasons: scale, the nature of trust, and invisibility.
Scale
Scale refers to the large number of people who utilize social media and online technologies for various purposes. Since many people spend the majority of their time on social media for various reasons, hackers can distribute attacks that mimic viral trends. The attackers can utilize clickbait, trending topics, and hashtags to distribute malware that may target all individuals or a specific group (Jain et al., 2166). The enormous nature of online interactions between users presents a significant challenge for experienced security staff to overcome.
A Nature of Trust in Online Settings
Most online-based interactions are based on trusting relationships, as seen in the case of new Facebook friends. Users who accept a new friend request from a stranger depend on trust to interact successfully. Therefore, adversaries can use trust-based relationships to manipulate users into sharing their private information.
For example, when an unknown stranger sends a link to a mutual friend, the targeted user may easily click the link their friend provided without regard for a possible data breach. More than a third of all internet users accept friend requests from strangers (Jain et al. 2168). As a result, they can be easily influenced to share their private data through clickbait.
Invisibility to the Security Team
Most users are invisible to the security teams of major technology companies such as Google, Facebook, and Apple. However, the majority of individuals today spend more time on social media and other online technologies. Observing such a large populace can be highly challenging since security teams may lack the necessary tools (Jain et al. 2175). Such devices are needed to expand their perceptibility into specific borders in the social media domain, where workers are vulnerable to privacy compromise.
Various Threats on Social Media and Other Technologies
Today’s technology-based society extends interactions in the electronic internet world. The threats users face in social media and other online technologies can be divided into targeted threats, modern threats, and conventional threats. Conventional threats refer to attacks that users have experienced since the beginning of social networks and modern technology. In contrast, modern threats employ advanced techniques to access user accounts, whereas targeted attacks are specifically tailored to a particular user and may be committed for personal vendetta.
Conventional Threats
Malware Attack
Social media and other technologies make users susceptible to malware attacks, which are malicious programs specifically designed to access and compromise computer systems without the owners’ permission. Intruders can use multiple ways to distribute malware and infect networks and devices. For example, malware can be installed by diverting users to phony sites that acquire their private information (Tulane University, par. 8). In addition, attackers can inject malicious scripts in Uniform Resource Locators (URLs) that collect the system’s sensitive information.
Spam Attack
Spam refers to a term utilized for unsolicited electronic messages in bulk. Emails may be the conventional method of spreading spam; however, social media and other online technologies can successfully distribute spam. Legitimate users’ communication details can be obtained easily from the company’s newsgroups, websites, and blogs. It is not hard to convince target clients to read spam messages and trust that they are protected (Tulane University, par. 9). Most spams resemble commercial advertisements; however, they can collect privileged user information or may contain scams, viruses, or malware.
Phishing
Phishing attacks are social engineering threats where aggressors acquire confidential information such as credit card details, passwords, and usernames through fake emails and websites that appear natural. Invaders can impersonate authentic users and utilize the user’s identity to send counterfeit messages containing malicious URLs to others (Tulane University, par. 7). Different social engineering techniques in phishing involve redirecting them to fake websites that look legitimate.
Identity Theft
Identity theft involves the assailant utilizing another person’s identity, such as an address, phone number, mobile number, and social security number, with no user permission to commit an attack. Using such details, attackers can gain access to a victim’s friend list and demand privileged information using social engineering methods. Additionally, because the attackers impersonate legitimate users, they can seriously use the victim’s profile to impact authentic clients (Gruzd and Hernández-García 416). Identity theft is a disturbing privacy risk that affects all types of entities.
Modern Threats
Hijacking
Hijacking entails the adversary compromising or taking control of a specific user’s account to commit online fraud. Sites with no multifactor authentication and accounts using weak passwords are more prone to hijacking since users can phish passwords. In addition, if a site lacks multifactor authentication, it does not have a secondary defense line (Jain et al. 2167). Once the account or site is hijacked, attackers can share malicious links, send messages, and change account information that can harm a user’s reputation.
Cross-Site Scripting Attack
Cross-site scripting attacks are prevalent among hackers and are executed using malicious JavaScript on victims’ browsers. Browsers can be hijacked with one button click, sending malicious scripts to servers. In addition, attractive buttons and links in popular social media sites such as Facebook and Twitter can manipulate the user into visiting infected URLs. Other users may be compelled to paste a JavaScript link to their browser (Jain et al. 2168). If the links are infected, such attacks can steal information or be deployed as spyware.
Profile Cloning, Inference, and Sybil Attacks
In the profile cloning attack, attackers clone users’ profiles about which they have prior knowledge. Attackers can then use cloned profiles on the internet to create trusting relationships with unsuspecting friends of the actual user. When the connection is started, attackers can trick the victim’s friends into believing that fake profiles are valid, which can help acquire confidential information that is not shared publicly. Inference attacks infer the personal information of a handler that users do not want to disclose. It utilizes data mining techniques on visible and available data, like network topology and friend lists, to find an organization’s private information.
In contrast, Sybil attacks utilize a node to claim numerous network identities. A Sybil attack is harmful to users coupled through peer-to-peer networks (Jain et al. 2172). An online entity can create multiple fake identities and utilize those identities to spread malware and junk information.
Clickjacking and De-anonymization Attacks
Clickjacking refers to the invaders’ methods to deceive users into clicking pages different from the one the user intended. Attackers exploit browsers’ vulnerabilities to conduct the attack. In this case, the aggressor loads a page over another, which acts like a transparent layer. As a result, a user is fooled into loading an infected page. On the other hand, a de-anonymization attack involves using various strategies, including user group enrollment, network topologies, and tracking cookies to reveal a client’s real identity (Jain et al. 2170). De-anonymization allows mysterious information to be cross-referred to other sources to disclose anonymous information.
Targeted Threats
Cyber Grooming
Cyber grooming is an online privacy risk encountered by victims, usually adolescents and children. It establishes an emotional and intimate relationship with a user to gain the trust of a youngster with the end goal of obtaining individual and confidential information. Data, in this case, can be sexual conversations, videos, and pictures. Cyber grooming is a privacy concern for society since assailants approach teenagers using counterfeit identities on various online sites, leaving children vulnerable and exposed to cyber grooming (Jozani et al. 28). The anonymity of advanced media and technologies allows groomers to exploit youngsters, contributing to the rising cyber grooming instances.
Cyberstalking
Cyberstalking refers to observing a person using email, the internet, or other electronic correspondence that disrupts mental peace for the affected. Cyberstalking is an example of an infringement of a person’s privacy rights. Attackers track victims’ confidential information to threaten a user through persistent and continuous messages.
Cyberstalking makes a victim extremely worried about their safety, leaving them disturbed. Since most individuals share private information in their online profiles, such as residential areas and telephone numbers, assailants can access and use it to stalk victims (Jain et al. 2166). Ultimately, cyberstalking may lead to a deterioration of a victim’s mental health.
Cyberbullying
Cyberbullying is a privacy risk that enables aggressors to utilize electronic media, including phone conversations, chats, emails, and online sites, to harass people. Attackers harass victims using intimidating messages, embarrassing videos, and sexual remarks. Aggressors may also publish a victim’s private information, which often leads to humiliation (Ali et al. 114). Cyberbullying happens continuously, affecting a person’s mental health, and it is rarely accidental.
Conclusion
Social media and other technologies expose users to privacy issues that affect control over their private information. As a result, it is critical to understand the various privacy risks exacerbated by modern technologies and social media use. Social media companies use consumer data as a product since they sell behavioral advertising using the information collected from microtargeted users. The significant data privacy challenges include conventional, modern, and targeted attacks. The scale of the online landscape makes it easy for hackers to find potential targets for their attacks. Therefore, users must be extremely careful while using social media and other online technologies.
Works Cited
Ali, Shaukat, et al. “Privacy and Security Issues in Online Social Networks.” Future Internet, vol. 10, no.12, 2018, p. 114.
Gruzd, Anatoliy, and Ángel Hernández-García. “Privacy concerns and self-disclosure in private and public uses of social media.” Cyberpsychology, Behavior, and Social Networking, vol. 21, no. 7, 2018, pp. 418-428.
Jain, Ankit Kumar, et al. “Online Social Networks Security and Privacy: Comprehensive Review and Analysis.” Complex & Intelligent Systems, vol. 7, no. 5, 2021, pp. 2157-2177.
Jozani, Mohsen, et al. “Privacy Concerns and Benefits of Engagement with Social Media-Enabled Apps: A Privacy Calculus Perspective.” Computers in Human Behavior, vol. 107, 2020, pp. 1-43.
Kumar, Sunil, and Vikas Somani. “Social Media Security Risks, Cyber Threats and Risks Prevention and Mitigation Techniques.” International Journal of Advance Research in Computer Science and Management, vol. 4, no. 4, 2018, pp. 125-129.
Tulane University. (n.d.). “Social Media Privacy Issues for 2020: Threats & Risks.”
Van den Hoven, Jeroen, et al. “Privacy and Information Technology.” Stanford Encyclopedia of Philosophy, 2019.