The audiences of the major global social networks Facebook, Instagram, Twitter, TikTok, YouTube will exceed 5 billion users in 2022. Effective economic activity by individuals and companies is no longer imaginable without a presence on social media. Company and celebrity accounts are gaining real capitalization and are inevitably subject to "hijacking", i.e. fraudulent takeover. We estimate the global revenue of "account hijackers" in 2022 at about $2 bln. and the annual growth rate is at least 70% per year, with the lion's share of hijackings going to Facebook and Instagram users' pages. Developing at this rate, the cyber theft industry will become richer than the global car theft market in three years.
The Russian service Antiban.pro is an expert in social media cybersecurity. For 6 years the company has been helping private and corporate clients all over the world to build a technologically correct social media presence and counteract fraudsters' threats. Approximately 15% of customer requests to Antiban.pro involve requesting the return of stolen accounts.
Specializing in cybersecurity of individuals and companies using social networks, in recent years we have seen at least a doubling in the number of requests related to account hijacking. The overwhelming majority of user referrals are related to Facebook and Instagram pages, as these are the social networks that have the greatest reputational and commercial potential for users. Importantly, the policy of these technologically very vulnerable platforms for a skilled hijacker is related to the eminently low cost of arbitrating such disputes, which occur at least 15,000 times daily around the world. Arbitrating a swarm of such requests is largely the prerogative of artificial intelligence algorithms, and it is unprofitable for platforms to maintain a serious human staff to deal with these issues.
We wondered about the size of the global and Russian cybercrime market and did some research among various open-access publications. Having been consulted by Antiban.pro experts and studied articles, for example, in Bloomberg, we got a serious scatter of estimates both for national markets and globally. However, after removing the extreme values and further discussing the obtained results with the experts of our research, we came to the following estimates, which inspire confidence at least in us as authors.
In all likelihood, we are dealing with a global cybercrime market worth $1.5-2.5 billion in 2022. In terms of social media, the most hijacked pages are Instagram (due to its popularity with media celebrities and its developed retail service), Facebook. TikTok may show multiple growth during 2022 as a cyber hijacking platform, but due to the young age of users, tiktok hijackings are not that big in monetary terms yet - the average check is measured in a few hundred dollars. Nevertheless, we predict a steady increase in cybersecurity issues for tiktok accounts in the coming years.
In our view, the leading markets in the world look like this: the USA (leader of global technological economy and the center of media stars), occupies about 50%, the European Union countries about 20%, the share of Russia in this market, according to our estimates, not less than 5%. We believe that another three years of double-digit growth in the cybercrime market could give this industry annual revenues of more than $20 billion.
The economic typology of account hijackers is similar around the world. We distinguish three types of hijack for simplicity.
The first is corporate hijacking.
The most common reason for these hijackings is a disagreement between the management of the company which owns the account and the employee who has access to the page. The employee may change the password, hide the page, and generally perform any manipulations. To regain access, a simple agreement is often enough.
Avoiding disputes can be helped by prohibiting the linking of the corporate account to the employee's personal email, page and phone number. You don't need to open the whole toolkit. Facebook and Instagram have special services for full operation, excluding full control over the account.
The second is SOS hijacking.
This type of hijacking occurs in order to post information about a tragic situation related to the owner of the page or one of the owner's loved ones. Scammers encourage subscribers to the stolen account to donate money to solve the problem described. Often, scammers run a sale or other promotion on behalf of the business account owner, leading to mass 'purchases' with transfers to the scammers' accounts.
To avoid this kind of thing, you need to avoid clicking on any suspicious links, entering, or passing on data from your Instagram account.
The third is 'return for a fee' hijacking.
The aim of "hijackers" of this type is to get a ransom from the owner of the page or resell it to third parties, very often after repeatedly receiving a ransom for the same account, it is sold to third parties.
According to Antiban.pro statistics, in the CIS, such hijackings are usually carried out by Turkish hijackers. At the same time, overseas sources note that "Russian hackers" use a similar scheme, as accounts are rebounded to e-mail addresses with the ".ru" domain at the end. It is worth noting that similar emails are used by Turkish hijackers.
TOP-4 tips from cybercriminals on Instagram and Facebook:
1. the best protection against password hijacking is two-factor authentication, both in the account and in the linked email.
2. The most secure emails are: Google, iCloud, Yandex. They are more difficult to hack.
3. Do not specify in the account communication methods the email to which the account is tied. Contact mail and the mail to which the account is linked are different mail.
4. Vigilance: Don't click on "strange" links received seemingly from social networking support, it might be a phishing scam. And never enter your account username and password anywhere. Instagram/Facebook email notifications are easy to find by following the algorithm: "Settings" - "Security" - "Emails from Instagram/Facebook".
The cybercrime market is growing rapidly, with the number of appeals to Antiban.pro asking for the return of a hijacked account increasing manifold from month to month. There are no global statistics, but indirect data from various experts suggest the market is growing by 70-100% annually.