EventsEventsPodcasts
Loader

Find Us

ADVERTISEMENT

Euroviews. Is Meta’s record-breaking Threads app yet another avenue for cyberattacks?

Meta's new app Threads, July 2023
Meta's new app Threads, July 2023 Copyright AP Photo/Euronews
Copyright AP Photo/Euronews
By Dr Niklas Hellemann, Psychologist, CEO, SoSafe
Share this articleComments
Share this articleClose Button
The opinions expressed in this article are those of the author and do not represent in any way the editorial position of Euronews.

Whether it’s the launch of Threads, the shift to remote work, or even the start of the war in Ukraine, hackers will manipulate our emotions against us, Dr Niklas Hellemann writes.

ADVERTISEMENT

Threads, the new social media platform from Meta and supposed Twitter competition, is officially the fastest-growing new app in history. 

In just five days, the Twitter competitor was able to gain over 100 million users, which is even more impressive as the app is not yet available in Europe. 

However, in an already treacherous dark economy, where various channels are leveraged for cybercrime, Meta’s new social media superstar is yet another convenient avenue of attack for career cybercriminals and their social engineering toolkit. 

Civilians and employees – especially those who work with sensitive data – must be vigilant, as the rapidly expanding social media landscape represents a serious security risk.

A plethora of scams

In the short time since its release, cybercriminals have already used Threads' high-profile launch to attempt to scam and attack unsuspecting users. 

For instance, criminals have developed phishing sites that mimic non-existent web versions of Threads, which are designed to trick users into entering their login details. 

Because Threads is connected to other Meta services, cybercriminals could use these phishing sites to steal access to users’ other social media accounts, such as Instagram or Facebook. 

Fake versions of the app have appeared in smartphone stores, either to trick users out of their money by requiring payment or to act as a channel for malware and phishing attacks.
OLI SCARFF/AFP
A cosplayer dressed as Darth Vader holds a mobile phone displaying the Government alert to test a system used to warn of emergencies, Scarborough, April 2023OLI SCARFF/AFP

This is not only a privacy risk, opening the door to identity theft and doxing, but also a financial risk, as criminals may be able to steal personal banking information.

Similarly, fake versions of the app have appeared in smartphone stores, either to trick users out of their money by requiring payment or to act as a channel for malware and phishing attacks. 

Earlier this month, Apple had to remove a counterfeit Threads app from its European app store after it climbed to the number one spot in its store.

Social media, the perfect hunting ground

One reason these fraudulent sites and apps have been so successful is that Threads is not yet available to European consumers. 

Its launch in the EU was delayed due to regulatory issues over the extensive amount of data Threads collects on its users, which should concern prospective users. 

Threads can collect personal information, including location, finance and even health and fitness data. 

This treasure trove of data makes it an attractive target for hackers, representing a serious vulnerability if it is breached.

Without vetting, there is a risk of impersonators pretending to be well-known celebrities or organisations, possibly scamming users out of their money or as part of a multi-channel phishing attack.
ALAIN JOCARD/AFP
A visitor watches a Meta Platforms CEO Mark Zuckerberg speech on a screen at the Meta booth in Paris, June 2023ALAIN JOCARD/AFP

Those who can use Threads must also be careful about who they follow. Threads’ current verification system allows anyone to purchase a “tick”. 

Without vetting, there is a risk of impersonators pretending to be well-known celebrities or organisations, possibly scamming users out of their money or as part of a multi-channel phishing attack. 

Social media is the perfect hunting ground for spear-phishing attacks: by harvesting personal details, cybercriminals can craft their attacks to target people with surgical precision, including by pretending to be an authority figure, such as the CEO of a business. 

This is made even easier because users may falsely believe that they are in a safe, private environment and feel encouraged to broadcast their personal information.

ADVERTISEMENT

FOMO, a part of human nature

The security issues around Threads relate to a basic psychological phenomenon that leads to potential risks. 

Namely, humans are fallible in the sense of reacting with certain behaviour to certain emotions, and when faced with the novelty and excitement of getting to grips with new technologies, they often let their guard down. 

In their haste to try out Threads, many users are exposing themselves to these scams. 

"FOMO" - the fear of missing out – is very real when it comes to jumping headfirst into exciting new platforms, but unfortunately, so are the potential risks.

Our increased dependency on this wider range of tools and platforms provides an advantage to cybercriminals, giving them more channels and vulnerabilities to attack and more ways to collect valuable data.
FABRICE COFFRINI/AFP or licensors
A person films watches with her mobile phone at the Rolex booth during the luxury watch fair 'Watches and Wonders Geneva', in Geneva, March 2023FABRICE COFFRINI/AFP or licensors

However, there is a bigger issue at play. The rapid diversification of not just social media channels but also the communication tools and collaboration platforms we use in our everyday work and personal lives mean that we are frequently getting to grips with unfamiliar technologies and environments. 

ADVERTISEMENT

Our increased dependency on this wider range of tools and platforms provides an advantage to cybercriminals, giving them more channels and vulnerabilities to attack and more ways to collect valuable data.

The security concerns around Threads also point to the simple fact that most people are unaware of the huge menu of tactics and methods used by today’s highly professional hackers. 

The cybercrime industry has never been more sophisticated or had more resources and opportunities, with the professionalisation of cybercrime leading to the creation of organised networks operating like slick criminal enterprises. 

Their main chance for success? Playing with our human psyche and emotions.

This is what you can do to protect yourself

So, how can everyday people stay safe in this ever-evolving cyberthreat jungle? 

ADVERTISEMENT

First, we need to raise awareness of the threats that are out so that people remember to protect themselves online. 

By learning to spot threats or malicious messages, people are much better equipped to deal with them rather than learn the hard way.

Second, we need to reinforce safe online behaviour. That means setting strong passwords and using multi-factor authentication to keep login details secure, but also being aware of what information we are sharing online – social media are public platforms where you cannot control the spread of information. 

Where possible, set your account to private.

Be aware that cybercriminals will find ways to exploit current affairs as they are masters of social engineering.
AP Photo/Petros Karadjias
Spectators use their cell phones as they record the German rock band Scorpions during a concert in Limassol, July 2022AP Photo/Petros Karadjias

Finally, be aware that cybercriminals will find ways to exploit current affairs as they are masters of social engineering.

ADVERTISEMENT

Whether it’s the launch of Threads, the shift to remote work, or even the start of the war in Ukraine, hackers will manipulate our emotions against us.

Today’s cybercriminals are experts at exploiting the human psyche. 

Only if we are aware of the innovation strength and creativity of cybercriminals and practice secure behaviour while online will we be able to notice these risks continuously and stay safe. 

Dr Niklas Hellemann is a psychologist and the CEO of SoSafe, a security awareness scale-up.

At Euronews, we believe all views matter. Contact us at view@euronews.com to send pitches or submissions and be part of the conversation.

ADVERTISEMENT
Share this articleComments

You might also like

With Twitter gone and users unsure about X, is Bluesky the future? We try it out

Meta begins blocking news content in Canada over new publisher payment law

Meta posts stronger-than-expected profit and revenue for Q2 as advertising rebounds