From Gen Z Millennials to tech-savvy Chief Digital Officers (CDOs), we all envision a tiered pyramid as our social media paradigm. We assign “trust levels” to different levels.
Our concepts of digital trust replace the fascination of mass media with the social media business. We might find Elon Musk’s recent headline-inspiring tweets interesting, but that doesn’t necessarily mean we trust Twitter as a platform.
Loved by pop stars and politicians, Twitter isn’t high on the must-trust list. Neither does Facebook, which boasts an impressive 2.9 billion MAUs (monthly active users with 1.9 billion DAUs).
A high level of participation usually indicates a minimal wheat-to-chaff level. But proponents argue that the massive user base means consumers can frolic in mainstream offerings or delve into the “Long Tail” and read certain regional forums — or enjoy photos of Chihuahuas in hats.
Know your (social) customer
Such platforms emphasize the measures they take against fake accounts. But the effectiveness of such prohibition strategies is questionable.
Take this random profile generator for short-form video hosting service TikTok, for example. Choosing parameters via dropdown menus and uploading some images can generate a fake profile including a lock screen in your choice of Android or iPhone.
Digital trust is replacing mass media’s fascination with the social media business
“You can change EVERYTHING like the username…the number of followers, the number of likes and the bio information,” the site reads. “This generator has nothing to do with Tiktok.”
While it is instructive to regularly examine social media sleight of hand tactics, the level of stupidity for CDOs is no secret. Fake profiles abound on the lowest common denominator social media platforms.
To the top of the pyramid
But LinkedIn positions itself differently. “Launched May 5, 2003, the platform is primarily for professional networking and career development, allowing job seekers to post their resumes and employers to post vacancies,” according to Wikipedia.
It’s popular: “As of February 2022, LinkedIn has over 830 million registered members from over 200 countries and territories.” Note that Twitter currently has about 400 million users.
LinkedIn is celebrated for promoting personal branding, recognizing achievements, and pursuing career opportunities. The platform is typically viewed as blue chip social media.
Loved by pop stars and politicians, Twitter isn’t high on the must-trust list
“LinkedIn has long said that the professional nature of the [its] platform sets it apart [and it ] This is by far the place where most professionals gather to stay connected and informed, advance their careers and work smarter,” LinkedIn says on their website. “The professional nature of the LinkedIn network makes the LinkedIn platform less prone to misleading content [a 2019 report by] Business Insider.”
LinkedIn says, “The report found that members were only 2% likely to post misleading content on LinkedIn, compared to a 42% chance on Facebook.” And supporting a later study by US-based Insider Intelligence LinkedIn’s claims about social media credibility.
trust and relevance
The 2021 Digital Trust Benchmark Report surveyed “1,730 U.S. social media users about the factors that most influence their trust on social platforms and how those factors affect their decision to engage with ads or sponsored content there to interact”.
It goes without saying that users on platforms they trust tend to be more receptive to ads. The report “evaluated how these users feel across nine major social media platforms — Facebook, Instagram, LinkedIn, Pinterest, Reddit, Snapchat, TikTok, Twitter and YouTube — and shows to what extent trust influences ad usage and attitudes.” And privacy is a key factor.
“More than half (52%) of respondents said that a platform’s privacy and data protection has a major impact on their decision to engage with the ads or sponsored content they see there… Our research suggests that advertisers must take into account the state of user confidence in their advertising spending decisions. They should prioritize privacy both in their own internal policies and in their advertising decisions.”
The February 2022 release date triggers this prophetic quote (in light of Elon Musk’s Twitter infighting): “Trust concerns have not always prompted advertisers to actively scale back their social advertising spend. And if it does, then only temporarily. Previous boycotts were often short-lived before advertisers quietly returned to platforms.”
Direct CISO spoofing
Recently, security researcher Brian Krebs uncovered apparent attempts to forge CISO identities on LinkedIn.
“Someone recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest companies,” Krebs wrote. “It’s not clear who is behind this network of fake CISOs or what their intentions might be. But the made-up LinkedIn identities are confounding search engine results for CISO roles at large corporations, and they’re being indexed as gospel by various downstream data-scraping sources.”
The last part is worrying. “You could ask Google who they think Chevron’s current chief information security officer is,” Krebs wrote. “When KrebsOnSecurity did this this morning, the very first search result returned was the fake CISO profile (followed by the real Chevron CISO’s LinkedIn profile).” Ouch.
In such a scenario, misidentified parties tend to move faster than platforms. “Rich Mason, the former CISO of Fortune 500 company Honeywell, began warning his colleagues on LinkedIn about the false profiles earlier this week,” Krebs wrote. “‘It’s interesting what downstream sources are repeating fake LinkedIn content as truth,’ Mason said. ‘This is dangerous Apollo.io, Signalhire and Cybersecurity Ventures’.”
LinkedIn has taken steps to fight the scammers. “Today, LinkedIn announced that it has started showing more information about accounts to verify their authenticity, uses AI to actively check for fakes, and warn users when they receive suspicious messages,” bleepingcomputer.com wrote in late October .
It’s good. But also: “In recent years, LinkedIn has been heavily abused by threat actors to initiate communication with targets to spread malware, conduct cyber espionage, steal credentials, or engage in financial fraud.”
Bleepingcomputer quoted North Korean hacking group Lazarus as “usually targeting targets via LinkedIn with fake job ads. However, these fake job ads result in the installation of malware that allows the attackers to gain access to a target’s device and potentially the corporate network or perform millions of dollars in cryptocurrency hacks.”
Trust on social media is hard to come by, but that can be a good thing. Another case of Netizen Emptor.
Stefan Hammond is a contributing editor at CDOTrends. Best practices, IoT, payment gateways, robotics and the ongoing fight against cyber pirates arouse his interest. You can reach him at [email protected].