Social Media Security

The ZeroFox Social Media Monitoring Playbook

In recent years, social media has become a crucial channel for businesses to build their brand, generate new business, and resolve customer issues. But unfortunately, threat actors are also using social media to target brands and consumers. They use fake profiles impersonating a brand, fake social media ads passing as legitimate brands online, and even sell counterfeit goods via fake profiles or private groups. 

The consequences of social media infringements can be catastrophic. Besides your brand reputation being tarnished, your business and consumers can lose a lot of money to social media scams. In fact, according to the FTC, U.S. consumers lost $1.2 billion in social media scams in 2022 alone. 

To protect your brand and customers from social media scams, you need to implement social media monitoring as well as partner with an external cybersecurity provider like ZeroFox that can handle social media and domain takedowns at scale. 

What is Social Media Monitoring?

Social media monitoring is the process of identifying and determining what is being said about a brand on various social media platforms. It monitors brand health, mentions, keywords, and even competitor activity on different social media platforms. Social media monitoring can be active, for instance, searching for references to your brand, campaigns, or actions, or it can be passive, for example, listening to people to discover what interests them. 

One of the important benefits of social media monitoring is that it can help with brand protection online. This is because it can identify brand references in various contexts, including general brand mentions and intellectual property abuses, such as fake profiles. By picking up negative customer comments or identifying intellectual property abuses early, you can implement brand protection strategies to prevent your brand reputation from being tarnished. 

That said, while social media monitoring and social listening are often used interchangeably, these concepts are not the same. Social media monitoring entails searching for, gathering, and interacting with individual brand mentions. Meanwhile, social listening focuses on large sets of online data (not individual mentions) and analyses information for strategic insights. 

How Does Social Media Monitoring Protect Your Brand?

There's no denying the importance of social media as a marketing tool. However, as the number of businesses using social media to market their products and services increases, so do social media security threats. According to a 2021 Statista study, 21% of organizations globally were targets of 1-10 social media attacks. Additionally, 34% of organizations experienced 11-50 cyber attacks generated via social media. This study reiterates the importance of having strong social media security. 

One excellent way of upholding social media security is to use social media monitoring tools to prevent social media risks. These tools crawl sites, continuously index them, and then search the indexed sites based on queries or strings. The strategies you should implement when using social media monitoring software for social media protection include: 

  • Creating a social media policy: A brand policy outlines what employees can and can't do on your brand's social media handles. The policy should contain brand guidelines, editorial guidelines, and corporate guidelines. It should also include the consequences of an employee violating social media policy. 
  • Setting a social media crisis alert: A social media crisis can arise anytime. A social media monitoring tool can alert you if threat actors are impersonating your profile to scam customers. It can even alert you if the number of negative mentions about your brand surges. 
  • Creating a social media privacy guide: You should create a privacy guide outlining steps for bolstering the privacy settings of your social media accounts on the core social media networks. 

Why Does Social Media Attract Threat Actors?

While threat actors use various attack surfaces to launch their attacks, social media is one of their favorite attack surfaces. Here are some reasons why:

Audience size 

Social media is one of the most popular online activities. In 2022, approximately 4.59 billion people were using social media globally, a number projected to increase to roughly 6 billion by 2027. 

As various social media platforms become more intrinsic to our daily lives, social media has become a crucial attack surface for threat actors. Social media provides several avenues, such as friend requests, shares, plugins, and advertisements, which threat actors can use to deliver malware to multiple users. 

Social commerce features 

Social media platforms such as Facebook and Instagram have social commerce features that online businesses can use to market or sell their products and services. Threat actors can exploit vulnerabilities in these social features to trick unsuspecting customers into divulging confidential information or even purchasing counterfeit products.  

Increased intellectual property enforcement on major marketplaces 

Social media platforms such as Facebook and Instagram have evolved into more than just social platforms. They have now also become ecommerce platforms. 

The increased intellectual property enforcement on major marketplaces has made them an attractive attack surface for threat actors. Today, intellectual property infringement and brand abuse stretch far beyond counterfeiting; threat actors are increasingly coming up with new ways to make money off a brand's success. 

Ease and Anonymity 

Another reason threat actors are attracted to social media is the anonymity and ease of launching attacks on these platforms. For example, threat actors can easily access users' personal information, such as birthdays, locations, and even hobbies, which they can use to launch their attacks. Also, given that social media platforms function on the idea of users sharing and interacting with content anonymously, threat actors can easily impersonate an individual or brand and carry out an attack. 

Fake Reviews 

The online world is overrun with fake reviews. According to a World Economic Forum Report, fake reviews influenced approximately 152 billion in global spending on lackluster products and services in 2021. 

The fake reviews on social platforms also make these platforms attractive to threat actors. They can easily create fake profiles with fake reviews, which they can use to scam consumers and businesses alike. 


Brandjacking is the illegal practice of using another business's brand name for use in one's own marketing. There are different forms of brandjacking, including: 

  • Social media piggybacking: This entails a threat actor drafting on your brand's viral post on social media or social networks to redirect traffic to their channel. It could also entail a threat actor posting about, interacting with and sending messages to a brand's audience.
  • Brand name mentions: This is the most common type of brandjacking. It entails creating content that contains a competitor's brand name. 
  • Cybersquatting: This entails using a social handle or domain name that includes a brand's name or something associated with the brand to appear on their audiences' search engine results. It could also entail a threat actor registering a brand's trademark or creating social media pages similar to their target brand's. For instance, if your brand name is XYZ Logistics, they may think of registering as @XYZLogistics1. They may also register common misspellings, such as @XZYlogistic. 

Brandjacking has been getting attention in the past few years, given the rise of social media and the ease of creating a quick fake account. 
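The cybersquatting patterns listed above can be checked for mechanically when reviewing handles that a monitoring tool surfaces. The following is an added example, not ZeroFox code: the function names, the `max_edits=2` threshold, and every handle other than the article's XYZ Logistics ones are assumptions made for illustration.

```python
import re

def osa_distance(a, b):
    """Edit distance counting an adjacent swap (zy -> yz) as one edit."""
    prev2, prev = [], list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            d = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                d = min(d, prev2[j - 2] + 1)
            cur.append(d)
        prev2, prev = prev, cur
    return prev[-1]

def classify_handle(candidate, official, max_edits=2):
    """Return why `candidate` resembles `official`, or None if it does not."""
    raw_c, raw_o = candidate.lstrip("@").lower(), official.lstrip("@").lower()
    if raw_c == raw_o:
        return None  # the brand's own handle
    # Drop separators such as "." and "_" before comparing.
    c, o = (re.sub(r"[^a-z0-9]", "", s) for s in (raw_c, raw_o))
    if c == o:
        return "separator-variant"
    if re.sub(r"^\d+|\d+$", "", c) == o:
        return "numeric-affix"      # e.g. @XYZLogistics1
    if o in c:
        return "embeds-brand"       # brand name plus extra words
    if osa_distance(c, o) <= max_edits:
        return "typo"               # e.g. @XZYlogistic
    return None

def scan(handles, official):
    """Keep only the handles worth a human review, with the reason."""
    hits = [(h, classify_handle(h, official)) for h in handles]
    return [(h, why) for h, why in hits if why]

# Constructed sample; the first three reuse the article's XYZ Logistics example.
OFFICIAL = "@XYZLogistics"
SEEN = ["@XYZLogistics", "@XYZLogistics1", "@XZYlogistic",
        "@xyz.logistics", "@XYZLogistics_Support", "@abc_freight"]

if __name__ == "__main__":
    for handle, why in scan(SEEN, OFFICIAL):
        print(f"{handle:24} {why}")
```

A fixed edit threshold produces false positives for short brand names, so treat the output as a review queue rather than a takedown list.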


What Are The Most Common Types of Social Media Scams?

Social media scams are those that originate on social networks and social media platforms. Threat actors use social media as a low-cost platform for reaching billions of potential victims. They typically create fake profiles or steal already verified pages to conduct fraud. In fact, roughly 19% of social media accounts associated with the top 10 brands globally are actually fraudulent. 

That said, the first step to preventing social media scams is to know which scams to be on the lookout for. Here are the common types of social media scams: 

Phishing and Malware Scams 

Social media phishing occurs when a threat actor creates a fake social media profile or account to impersonate a brand. The threat actor may copy a brand's page in its entirety, including the brand name (they may make a slight adjustment in the spelling), cover images, profile photos, and even posts to look genuine. 

The threat actors may then use the fake account to lure unsuspecting customers and take advantage of them in a number of ways, including: 

  • Selling counterfeit products to them 
  • Directing them to a phishing website to steal their personal information, such as login credentials and credit card numbers. 
  • Offering high discounts on defective or outdated products. 

A threat actor can also launch a social media phishing attack by sending malicious links or messages to social media users. When you open the messages or click the link, the threat actor gains access to your account's login details and takes over the account. They can then use your social media account to scam your followers. 

Although this type of phishing isn't as sophisticated as email attacks, social media mass phishing attacks can easily affect millions of people.  

Impersonation of Brands by Users 

Brand impersonation (brand spoofing) is a highly effective technique that scammers use to steal data. The threat actors usually create a social media account identical to that of the brand they are impersonating in every way. By posing as a recognizable brand familiar to customers, the threat actor can trick their victim into clicking a link or even purchasing a counterfeit product from them. 

Brand impersonation is a numbers game. By impersonating a known brand, a threat actor is likely to trick a sizable portion of a brand's customers into divulging their confidential information, purchasing a counterfeit product, or other actions. 

Tech giants are the most spoofed. According to IBM, brand impersonation/spoofing attacks mostly target tech giants such as Apple, Google, and Microsoft. 

Hidden URLs

Threat actors can shorten URLs or even hide the full location of a web page and direct customers to a phishing site. Alternatively, they may even share the hidden URLs to direct a customer to a malicious website that can install malware onto their device and steal their personal information. 

Prizes and Giveaways 

A scammer could also pretend to be a brand representative and contact unsuspecting customers, informing them that they have won a prize despite not even having entered any contest. The threat actor will inform the customer that the requirement for claiming the prize or giveaway is to pay a small processing or shipping fee. Upon receiving the money, the threat actor disappears. 

How Can Social Media Takedowns Protect My Brand?

A social media takedown refers to the process of having users or posts that violate the Terms of Service removed from a social media platform. Social media takedowns can result from a fraudulent seller selling counterfeit goods, a user posting content containing harassment, or even a user impersonating someone else or a brand. 

While takedowns are usually used as a digital risk protection strategy for companies when they find content online that threatens their brand's reputation, there are several other reasons a takedown could occur, including: 

  • A fraudulent profile attaching itself to a brand and attempting to influence the brand's reputation maliciously. 
  • An unauthorized reseller selling a brand's products or a counterfeit version of the brand's product.
  • A threat actor targeting a brand's customers and employees with phishing and malware attacks 

 The general timeline of a social media takedown would include the following:

  • A malicious post mentioning your brand is created, tying it to the malicious content, even though your brand isn't directly involved in its creation.  
  • Your digital risk protection platform or social media manager alerts you of this content. 
  • You involve your security team to begin the remediation process. You may either deal with the threat internally or seek the help of a social media takedown company such as ZeroFox. Some ways the threat could be remediated include requesting the post to be deleted by the social media platform in question, blocking the user who posted the threat (this won't stop users from seeing the post), or requesting the poster's profile be removed entirely. 
  • Upon deciding on the best course of action, you can request a takedown through the social media platform. 

Is Your Brand Protected on Social Media? Protect Today. Predict Tomorrow. 

ZeroFox can eliminate the hassle of having to perform social media takedowns manually. Our leading global takedown service helps your business deal with any external threats your brand faces to keep your company safe and secure on social media platforms in the long run. Threat actors operate beyond your internal perimeter, and so should you. ZeroFox's takedown as a service can help protect your online brand reputation. Our solution can give you visibility into channels that are currently blind spots to you so that you’re never caught off guard. The intelligence gained from our platform can help you not only protect your brand reputation but also protect your customers from online scams, ultimately preventing revenue loss to threat actors. Request a demo to find out how our solution works.


Why ZeroFox for social media protection?

The only cybersecurity company to go public in 2022, ZeroFox protects the world’s leading companies, organizations, and governments with the only unified platform for external cybersecurity.

Forrester has recognized ZeroFox as a leader in Digital Risk Protection with best-in-class takedown services.

Read this Forrester Total Economic Impact study to see how ZeroFox delivers a 267% Return on Investment.

ZeroFox has 700+ global disruption partners, including the biggest hosts, registrars, and social media platforms
