Muhammad Hassan, Mahnoor Jameel, Masooda Bashir (University of Illinois at Urbana Champaign)
Social network platforms are now widely used as a mode of communication globally due to their popularity and their ease of use. Among the various content-sharing capabilities made available via these applications, link-sharing is a common activity among social media users. While this feature provides a desired functionality for the platform users, link sharing enables attackers to exploit vulnerabilities and compromise users’ devices. Attackers can exploit this content-sharing feature by posting malicious/harmful URLs or deceptive posts and messages which are intended to hide a dangerous link. However, it is not clear how the most common social media applications monitor and/or filter when their users share malicious URLs or links through their platforms. To investigate this security vulnerability, we designed an exploratory study to examine the top five android social media applications’ performance when it comes to malicious link sharing. The aim was to determine if the selected applications had any filtering or defenses against malicious URL sharing. Our results show that most of the selected social media applications did not have an effective defense against the posting and spreading of malicious URLs. While our results are exploratory, we believe our study demonstrates the presence of a vital security vulnerability that malicious attackers or unaware users can use to spread harmful links. In addition, our findings can be used to improve our understanding of link-based attacks as well as the design of security measures that usability into account