Abstract
Social media are getting more and more ingrained into everybody’s lives. With people’s more substantial presence on social media, threat actors exploit the platforms and the information that people share there to deploy and execute various types of attacks. This paper focuses on the Norwegian population, exploring how people perceive risks arising from the use of social media, focusing on the analysis of specific indicators such as age, sexes and differences among the users of distinct social media platforms. For data collection, a questionnaire was structured and deployed towards the users of multiple social media platforms (total n = 329). The analysis compares risk perceptions of using the social media platforms Facebook (n = 288), Twitter (n = 134), Reddit (n = 189) and Snapchat (n = 267). Furthermore, the paper analyses the differences between the sexes and between the digital natives and non-natives. Our sample also includes sufferers of ID theft (n = 50). We analyse how account compromise occurs and how suffering ID theft changes behaviour and perception. The results show significant discrepancies in the risk perception among the social media platform users across the examined indicators, but also explicit variations on how this affects the associated usage patterns. Based on the results, we propose a generic risk ranking of social media platforms, activities, sharing and a threat model for SoMe users. The results show the lack of a unified perception of risk on social media, indicating the need for targeted security awareness enhancement mechanisms focusing on this topic.
Highlights
Identity theft and account hacking are significant security threats in the digital era
Looking at what are the best practices for people to protect their social media account, we looked at a public advisory company called NorSIS and Nettvett which are governmental owned companies in Norway, that strive for cybersecurity awareness for the public and small/medium enterprises
When we examined the risk perceptions of social media usage, we started by analysing the risk perceptions of posting various pieces of information on SoMe
Summary
Identity theft and account hacking are significant security threats in the digital era. Today’s societies are deeply interconnected and reliant on digitally offered services with most of the peoples’ everyday dealings, including banking and their payments, happening online and via mobile devices. Have I been pwned (https://haveibeenpwned.com/ Visited Oct 2020) is an online database comprising leaked credentials for accounts claiming to consist of over 10 billion usernames and passwords. The consequences and effect propagation of identity theft are further intensified when considering the potential for social engineering through social media (SoMe) misuse. A well-known case of a high profile SoMe account that was hacked could be Skype’s Twitter account back in 2014 (https: //www.theverge.com/2014/1/1/5264540/skype-twitter-facebook-blog-accounts-hacked), that was employed by the attackers to post a tweet with the text “Do not use Microsoft emails...”
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
