Facebook and Cambridge Analytica Scandal, Social Media Phishing: How Safe Your Privacy Is? 02Apr Presidential elections in the United States and Brexit voting were over. But the scandals are like ghosts who keep on returning in the present time to haunt its creators-even the humanity. Social media is meant to be a tool for connecting people and a platform to practice freedom. But as time goes by, social media networks like Twitter and Facebook, become toxic places. The platforms become tools of political campaign, until it becomes a war zone of data and information. Most people are aware of how Facebook becomes part of Donald Trump’s victory. However, an allegation from former employee of Cambridge Analytica Christopher Wylie claimed that his previous company with the help of Facebook’s million users’ data sway the voting habits. How the British political consulting company farms the millions of data from the social media? Do you love playing the online tests that require signing up using Facebook? These simple online games are actually tools for garnering data. According to Wylie, he worked with Aleksandr Kogan, a professor at Cambridge University, to obtain the data. Kogan created an app called “thisisyourdigitallife.” The app is personality test and it will pay users by taking the test. It requires the participants to sign in through their Facebook login and agree to let their data be used for academic purposes. It seems the app is harmless. However, it went beyond its seemingly stated scope. Facebook’s platform policy only allows developers the use of friend data to enhance a user’s personal experience. However, the app garnered not only the data of its participants because it is capable of pulling in data from the friends lists of any test-takers. Thus, making the total mined data, 50 million. All the data mined from the app were used to profile United States voters and serve them with personalized ads ahead of the 2016 election by Cambridge Analytica. “We exploited Facebook to harvest millions of people’s profiles. And built models to exploit what we knew about them and target their inner demons. That was the basis that the entire company was built on,” Wylie said. Facebook data breach scandal is not totally new. Back in 2015, The Guardian was the first publication to report Kogan’s participation in the US election. The professor claimed he had a massive pool of data on more than 40 million Americans. The data that his app obtained was sold to Cambridge Analytica. Despite CA’s denial on the allegation, its reputation has been questionable, especially when Channel 4 News released “Cambridge Analytica Uncovered: Secret filming reveals election tricks.” The shocking truth about how the company strategizes election campaign with dirty tactics such as using bribes, ex-spies, and fake IDs. The most shocking revelation. The video films the bosses of CA, CEO Alexander Nix, data scientist Alexander Tayler, political division Mark Turnbull. They boasted the successful political and non-political campaigns including Mexico, Malaysia, Australia, China, and Brazil. Turnbull said in the video, “It’s no good fighting an election campaign on the facts because actually it’s all about the emotion.” This statement could be the reason why Wylie said “This company (CA) really took fake news to the next level by powering it algorithm.” Apart from Trump campaign, CA was also accused of swaying voting behavior during Brexit. It was also accused of working secretly to Uhuru Kenyatta, the incumbent Kenyan President. Social Media Phishing Social media is the perfect place for fraudsters to find their victims. In our previous blog, we discussed other forms of phishing. But since more people are using social media, the bad guys are following them and will lure them to share information by pretending to be an employee of a corporation. In RiskIQ’s Q4 2017 statistics, there are 27.285 blacklisted phishing domains that targeted 259 unique brands. According to the cyber security company based in San Francisco, California, attackers go after the social media because of several reasons: “For one, the growth in popularity of financial integrations within social media platforms that, for example, give users the ability to send and receive money, can make for an easy payday. There’s also the possibility of using sensitive information from posts, messages, and profiles that can be used as lures in social engineering attacks.” Obtaining personal information is a common practice among scammers. They only need apps that are capable to get the data without the knowledge of the users. Facebook CEO Mark Zuckerberg released an apology statement regarding “major privacy breach.” In his long post on Facebook, he will “restrict” developers’ access to data of users who haven’t used their app for more than three months. He also promised the developers can only obtain a profile’s name, photo and email address. Overall, his company will take an action to avoid the data breach. But isn’t too late for the company to bring back the trust of its users and partners after it lost $80 billion in market value since its data scandal?