New research reveals cybersecurity risks of overexposure on social media
The gaming and esports market is rapidly growing and in parallel, it’s becoming a bigger target for cyber attacks. A new report by PiiQ Media finds that this industry is at high risk for phishing and other attacks, based on information publicly available online.
The global esports/gaming market is set to reach almost $200 billion in revenue by 2022, and at the same time, cyber attacks on this industry grew by 340% in 2020, a report from Akamai found. This includes social engineering attacks, on which employees’ personal information exposure on social media can have a significant impact.
PiiQ Media conducted a complete social media risk assessment of 100 U.S. gaming and esports executives. The company identified available social media accounts for each executive across LinkedIn, Facebook, Twitter and Instagram and then applied PQ Risk’s analysis and scoring. The data included in this report represents the cumulative percentages of some of the highest risk factor occurrences for all 100 executives.
The first step attackers typically take is to identity persons of interest based on an association with a company, job title or other organization related to membership or interest. In PiiQ Media’s analysis of gaming executives, researchers found:
- Most gaming executives publicly list company information and publicly exposed relationships related to employment and interests were accessible for 99% of the executives researched.
- A business email address was easily identified for 100% of the executives and all of them had three or more social media accounts that were easily discoverable.
- 54% of executives have email accounts that lack proper DMARC/DKIM/SPF records set, which allows attackers to impersonate valid email accounts more easily and makes it more difficult for a potential victim to assess and detect malicious emails from authentic ones.
Aaron Barr, chief technology officer, PiiQ Media, said: “Organizations often overlook the threat that the social media activity of their employees poses. Attackers are especially interested in executives, since they typically have greater access to the company’s digital assets. To combat this trend, companies need to adopt more actionable social media use policies and implement continual assessments of employees’ personal information exposure. They also need to continually train and remind employees of these policies as a vital aspect of their overall cybersecurity strategy.”
Seaworthy Roguelite RPG Maritime Calling Sets Sail into Steam Early Access this September
