The Anatomy of an Enterprise Social Cyber Attack [Infographic]

June 12, 2014

By now, social media has clearly established itself as a dominant force in our lives: nearly three-quarters of adults who go online use a social network of some kind. More than two of five use multiple social network sites. As a result, cyber criminals are flocking to these sites to trigger attacks, targeting users and organizations. In fact, one-third of data breaches originate via social networks, and companies suffer an average of $5.4 million per attack. [1] Still, only 36 percent have instituted the bare minimum of social media training for employees, and even fewer have active Social Risk Management programs. [2] Employees are directly in the crosshairs, and the “Anatomy of an Enterprise Social Cyber Attack” serves as an introduction to the attack methodologies of adversaries. Through the following tactics, seven in ten individuals fall prey to a cyber attack – putting their employer organizations at risk in the process. Here’s what you need to safeguard against…


The Set Up: Bot Armies

It’s easy for crooks to disguise a planned bot-army attack. They post viral videos and articles and build a profile which can reach millions of users. In addition, they commonly “trendjack” by joining popular social conversations and posing as someone with something to bring to the discussion. Because these posts and profiles actually “belong” to the bots, the criminals can target companies, customers and members of the public by getting them to click on seemingly harmless links, such as a link to a funny animal video. These “bots” use two primary attack methods: phishing and malware.

Distribution: Phishing

Adversaries can set up sites that appear just like any perfectly legitimate corporate property. They can take a logo and establish a presence for a bank which looks every bit as “real” as the financial institution’s, and then proceed to trick customers into entering their login credentials. Ultimately, the phishing culprit seeks to acquire all forms of sensitive information – user names, passwords, credit card numbers, etc. – through these convincing acts of deception. Because users tend to stick to either the same or very similar passwords for both their work and personal accounts, their organization’s network security is immediately placed in jeopardy.

Distribution: Malware

Malware is code similar to JavaScript, and it can control functions of a user’s Internet browser and alter files. It infects devices, networks and systems, and its creators are highly skilled at hiding it from traditional IT security tools. The code is surreptitiously posted on websites, where it launches or downloads without the victims even being aware of it. Victims don’t have to click on malware to activate it; computers and devices can be affected just by visiting the troublesome host site. Once the attack is successfully initiated, malware can access all data, passwords and other valuable informational assets on the victim’s machine. In many cases, it will then attempt to replicate and compromise any other system on the network – including a company’s.

Given the widespread acceptance of Bring Your Own Device (BYOD), organizational leaders should take a position of high vigilance when it comes to social media, their employees and cyber threats. There is too much at stake – proprietary information, customer data, financial statements, etc., as well as systems operational assurance – to dismiss the concerns.

At ZeroFOX, we deliver an Enterprise Social Risk Management suite to enable organizations to identify, manage and mitigate social media-based information security risk. If you’re interested in learning more, contact us.


1. Duggan, M. and Smith, A. (2013, December 30). Social Media Update 2013. Pew Research Internet Project. Retrieved June 11, 2014, from

2. Gesenhues, A. (2013, September 27). Survey: 71% Of Companies Concerned Over Social Media Risks, But Only 36% Provide Employee Training. Marketing Land. Retrieved June 11, 2014, from