Has Meta’s record-breaking Threads opened us up to more cyberthreats?

Threads, the new social media platform from Meta and supposed Twitter competition, is officially the fastest-growing new app in history. 

In just five days, the Twitter competitor was able to gain over 100 million users, which is even more impressive as the app is not yet available in Europe. 

However, in an already treacherous dark economy, where various channels are leveraged for cybercrime, Meta’s new social media superstar is yet another convenient avenue of attack for career cybercriminals and their social engineering toolkit. 

Civilians and employees – especially those who work with sensitive data – must be vigilant, as the rapidly expanding social media landscape represents a serious security risk.

A plethora of scams

In the short time since its release, cybercriminals have already used Threads’ high-profile launch to attempt to scam and attack unsuspecting users. 

For instance, criminals have developed phishing sites that mimic non-existent web versions of Threads, which are designed to trick users into entering their login details. 

Because Threads is connected to other Meta services, cybercriminals could use these phishing sites to steal access to users’ other social media accounts, such as Instagram or Facebook. 

This is not only a privacy risk, opening the door to identity theft and doxing, but also a financial risk, as criminals may be able to steal personal banking information.

Similarly, fake versions of the app have appeared in smartphone stores, either to trick users out of their money by requiring payment or to act as a channel for malware and phishing attacks. 

Earlier this month, Apple had to remove a counterfeit Threads app from its European app store after it climbed to the number one spot in its store.

Social media, the perfect hunting ground

One reason these fraudulent sites and apps have been so successful is that Threads is not yet available to European consumers. 

Its launch in the EU was delayed due to regulatory issues over the extensive amount of data Threads collects on its users, which should concern prospective users. 

Threads can collect personal information, including location, finance and even health and fitness data. 

This treasure trove of data makes it an attractive target for hackers, representing a serious vulnerability if it is breached.

Those who can use Threads must also be careful about who they follow. Threads’ current verification system allows anyone to purchase a “tick”. 

Without vetting, there is a risk of impersonators pretending to be well-known celebrities or organisations, possibly scamming users out of their money or as part of a multi-channel phishing attack. 

Social media is the perfect hunting ground for spear-phishing attacks: by harvesting personal details, cybercriminals can craft their attacks to target people with surgical precision, including by pretending to be an authority figure, such as the CEO of a business. 

This is made even easier because users may falsely believe that they are in a safe, private environment and feel encouraged to broadcast their personal information.

FOMO, a part of human nature

The security issues around Threads relate to a basic psychological phenomenon that leads to potential risks. 

Namely, humans are fallible in the sense of reacting with certain behaviour to certain emotions, and when faced with the novelty and excitement of getting to grips with new technologies, they often let their guard down. 

In their haste to try out Threads, many users are exposing themselves to these scams. 

“FOMO” – the fear of missing out – is very real when it comes to jumping headfirst into exciting new platforms, but unfortunately, so are the potential risks.

However, there is a bigger issue at play. The rapid diversification of not just social media channels but also the communication tools and collaboration platforms we use in our everyday work and personal lives mean that we are frequently getting to grips with unfamiliar technologies and environments. 

Our increased dependency on this wider range of tools and platforms provides an advantage to cybercriminals, giving them more channels and vulnerabilities to attack and more ways to collect valuable data.

The security concerns around Threads also point to the simple fact that most people are unaware of the huge menu of tactics and methods used by today’s highly professional hackers. 

The cybercrime industry has never been more sophisticated or had more resources and opportunities, with the professionalisation of cybercrime leading to the creation of organised networks operating like slick criminal enterprises. 

Their main chance for success? Playing with our human psyche and emotions.

This is what you can do to protect yourself

So, how can everyday people stay safe in this ever-evolving cyberthreat jungle? 

First, we need to raise awareness of the threats that are out so that people remember to protect themselves online. 

By learning to spot threats or malicious messages, people are much better equipped to deal with them rather than learn the hard way.

Second, we need to reinforce safe online behaviour. That means setting strong passwords and using multi-factor authentication to keep login details secure, but also being aware of what information we are sharing online – social media are public platforms where you cannot control the spread of information. 

Where possible, set your account to private.

Finally, be aware that cybercriminals will find ways to exploit current affairs as they are masters of social engineering.

Whether it’s the launch of Threads, the shift to remote work, or even the start of the war in Ukraine, hackers will manipulate our emotions against us.

Today’s cybercriminals are experts at exploiting the human psyche. 

Only if we are aware of the innovation strength and creativity of cybercriminals and practice secure behaviour while online will we be able to notice these risks continuously and stay safe. 

Dr Niklas Hellemann is a psychologist and the CEO of SoSafe, a security awareness scale-up.

At Euronews, we believe all views matter. Contact us at [email protected] to send pitches or submissions and be part of the conversation.