September 8, 2025

Could your social media profile be at risk?

4.9 (56)

Could your social media habits put your company at risk?

Related reading

Browse through your apps, and you’ll likely spot some names you don’t recognize. Where did these unknown apps on your PC come from, and can you trust them?

Are PDF digital signatures really trustworthy?

Researchers attempted to change the contents of a signed PDF without breaking the signature.

At the RSA Conference in San Francisco, I attended a panel that highlighted an interesting concern in today’s world of insecure big data. Ian Amit from Zerofox discussed how cybercriminals could exploit social media activity to target individuals and gain access to corporate networks.

The concept is straightforward — we share a lot of personal information online, and much of it is accessible to virtually anyone, including criminals. This information can be used to facilitate attacks on a company.

What makes you a potential target?

The idea is quite credible. Social media platforms are known to be common targets for phishing, and criminals are aware of this. By analyzing big data, attackers can identify people who may be easier targets or hold strategic value for an attack.

Amit pointed out that users who post frequently about polarizing topics — such as politics, religion, sports, or social causes — may attract attention. For instance, someone showing strong interest in a particular politician, say “Bernie Trump,” could be tricked into clicking or sharing links from accounts that mimic real ones but actually distribute phishing links.

People working in IT, Corporate Communications, or Finance departments are also more likely to be targeted due to access to sensitive corporate data. Executives and board members are additional high-value targets.

What steps can you take?

The easiest and most effective approach is to stick to basic cybersecurity practices: avoid clicking on suspicious links, only open files from verified sources, and always check the sender’s identity. The importance of verifying the sender was highlighted in the recent Snapchat phishing incident.

Be mindful of who you follow back on social media, as fake accounts could later pose risks.

Should companies adopt this profiling?

Using big data to evaluate risk for employees is still an emerging practice. Most companies with millions of customers do not fully leverage big data internally, making widespread adoption for employee monitoring unlikely at present.

It’s probable that only highly sensitive or high-risk industries are experimenting with this approach.