Threats Against Information Privacy and Security in Social Networks: A Review

  • Ahmed Al-CharchafchiEmail author
  • Selvakumar Manickam
  • Zakaria N. M. Alqattan
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1132)


This review paper is an attempt to cover the arising threats against information privacy and security in the attractive Social Network environment that represents a rich mine of user personal data. First, the paper discusses the information privacy, while many researches have been found in the relevant literature with respect to privacy in Social Networks, more efforts are needed especially on data leakages that happen to each entity including Social Network users, service providers, third and external parties, and how data linkages can produce useful information to these parties. Second, the paper discusses the information security focusing on the social engineering threats, while many efforts have been found in the relevant literature with respect to social engineering in the Internet in general, only few attempts cover the topic in the Social Network environment. In this paper, threats of fake accounts, identity theft, and spear phishing are discussed specifically in the Social Networks. Furthermore, the paper presents the roles of Social Network users and service providers to protect information privacy and prevent threats against information security. This review paper is an attempt to become a guideline to current information privacy and security threats in Social Network environment, and to pave the way for the researchers to investigate more solutions for these threats in future works.


Social Network Social Media Privacy Security Data leakage Data linkage Social engineering Fake account Identity theft Spear phishing 


  1. 1.
    Hootsuite: We Are Social - Digital report.
  2. 2.
    Kizza, J.M.: Ethical and Secure Computing, pp. 229–257 (2019). Scholar
  3. 3.
    Kayes, I., Iamnitchi, A.: Privacy and security in online social networks: a survey. Online Soc. Netw. Med. 3–4, 1–21 (2017). Scholar
  4. 4.
    Krombholz, K., Hobel, H., Huber, M., Weippl, E.: Advanced social engineering attacks. J. Inf. Secur. Appl. 22, 113–122 (2015). Scholar
  5. 5.
    Heidemann, J., Klier, M., Probst, F.: Online social networks: a survey of a global phenomenon. Comput. Netw. 56, 3866–3878 (2012). Scholar
  6. 6.
    Heravi, A.: Privacy attitudes and behaviours in online social networking (2017).
  7. 7.
    Boyd, D.M., Ellison, N.B.: Social network sites: definition, history, and scholarship. J. Comput.-Mediated Commun. 13, 210–230 (2008). Scholar
  8. 8.
    Salehan, M., Negahban, A.: Computers in human behavior social networking on smartphones: when mobile phones become addictive. Comput. Hum. Behav. 29, 2632–2639 (2013)CrossRefGoogle Scholar
  9. 9.
    Adewole, K.S., Anuar, N.B., Kamsin, A., Varathan, K.D., Razak, S.A.: Malicious accounts: dark of the social networks. J. Netw. Comput. Appl. 79, 41–67 (2017). Scholar
  10. 10.
    Kumari, P.: Requirements analysis for privacy in social networks. In: 8th International Workshop for Technical, Economic and Legal Aspects of Business Models for Virtual Goods (2010)Google Scholar
  11. 11.
    Novak, E., Li, Q.: A survey of security and privacy in online social networks. College of William and Mary Computer Science Technical report, vol. X, pp. 1–32 (2012)Google Scholar
  12. 12.
    Fire, M., Goldschmidt, R., Elovici, Y.: Online social networks: threats and solutions. IEEE Commun. Surv. Tutorials 16, 2019–2036 (2014). Scholar
  13. 13.
    Deliri, S., Albanese, M.: Data Management in Pervasive Systems, pp. 195–209. Springer, Heidelberg (2015). Scholar
  14. 14.
    Pham, V.V.H., Yu, S., Sood, K., Cui, L.: Privacy issues in social networks and analysis: a comprehensive survey. IET Netw. 7, 74–84 (2017). Scholar
  15. 15.
    Rathore, S., Sharma, P.K., Loia, V., Jeong, Y.S., Park, J.H.: Social network security: issues, challenges, threats, and solutions. Inf. Sci. 421, 43–69 (2017). Scholar
  16. 16.
    Ali, S., Islam, N., Rauf, A., Din, I.U., Guizani, M., Rodrigues, J.J.P.C.: Privacy and security issues in online social networks. Future Internet 10, 114 (2018). Scholar
  17. 17.
    Sahoo, S.R., Gupta, B.B.: Classification of various attacks and their defence mechanism in online social networks: a survey. Enterp. Inf. Syst. 00, 1–33 (2019). Scholar
  18. 18.
    Krishnamurthy, B., Wills, C.E.: On the leakage of personally identifiable information via online social networks. In: ACM SIGCOMM Computer Communication Review, p. 112. ACM (2012)CrossRefGoogle Scholar
  19. 19.
    Schneier, B.: A taxonomy of social networking data. IEEE Secur. Priv. 8, 88 (2010). Scholar
  20. 20.
    Islam, M.B., Watson, J., Iannella, R., Geva, S.: A greater understanding of social networks privacy requirements: the user perspective. J. Inf. Secur. Appl. 33, 30–44 (2017). Scholar
  21. 21.
    Öğütçü, G., Testik, Ö.M., Chouseinoglou, O.: Analysis of personal information security behavior and awareness (2016). Scholar
  22. 22.
    Obar, J.A., Oeldorf-Hirsch, A.: The biggest lie on the Internet: ignoring the privacy policies and terms of service policies of social networking services. Inf. Commun. Soc. 1–20 (2018). Scholar
  23. 23.
    Kavianpour, S., Ismail, Z., Shanmugam, B.: Classification of third-party applications on Facebook to mitigate users’ information leakage. Adv. Intell. Syst. Comput. 569, 144–154 (2017). Scholar
  24. 24.
    Tian, Y.: Privacy Preserving Information Sharing in Modern and Emerging Platforms (2018).
  25. 25.
    Lipschultz, J.H.: Social Media Communication: Concepts, Practices, Data, Law and Ethics. Routledge, Abingdon (2017)CrossRefGoogle Scholar
  26. 26.
    Statista: Facebook: annual revenue 2018| Statistic.
  27. 27.
    Whitaker, C., Stevelink, S., Fear, N.: The use of Facebook in recruiting participants for health research purposes: a systematic review. J. Med. Internet Res. 19 (2017). Scholar
  28. 28.
    Williams, M.L., Burnap, P., Sloan, L.: Crime sensing with big data: the affordances and limitations of using open-source communications to estimate crime patterns. Br. J. Criminol. 57, 320–340 (2017). Scholar
  29. 29.
    Williams, M.L., Burnap, P., Sloan, L.: Towards an ethical framework for publishing Twitter data in social research: taking into account users’ views. Online Context Algorithmic Estimation Sociol. 51, 1149–1168 (2017). Scholar
  30. 30.
    Goga, O., Perito, D., Lei, H., Teixeira, R., Sommer, R., Tr‐13‐002, Open image in new window ɣ: Large‐scale Correlation of Accounts Across Social Networks. (2013)Google Scholar
  31. 31.
    Shu, K., Wang, S., Tang, J., Zafarani, R., Liu, H.: User identity linkage across online social networks. ACM SIGKDD Explor. Newsl. 18, 5–17 (2017). Scholar
  32. 32.
    Pew Research Center: Social Media Use 2018: Demographics and Statistics.
  33. 33.
    Beilinson, J.: Facebook Data May Have Been Illicitly Used for Politics, and It Started With a Quiz - Consumer Reports.
  34. 34.
    Isaak, J., Hanna, M.J.: User data privacy: Facebook, Cambridge analytica, and privacy protection. Computer 51, 56–59 (2018). Scholar
  35. 35.
    Abawajy, J.H., Ninggal, M.I.H., Herawan, T.: Privacy preserving social network data publication. IEEE Commun. Surv. Tutorials 18, 1974–1997 (2016). Scholar
  36. 36.
    Cross, M.: Social Media Security. Syngress (2014)Google Scholar
  37. 37.
    Albladi, S.M., Weir, G.R.S.: User characteristics that influence judgment of social engineering attacks in social networks. Hum.-Centric Comput. Inf. Sci. 8, 5 (2018). Scholar
  38. 38.
    Al-Qurishi, M., Al-Rakhami, M., Alamri, A., AlRubaian, M., Rahman, S.M.M., Hossain, M.S.: Sybil defense techniques in online social networks: a survey. IEEE Access 5, 1200–1219 (2017). Scholar
  39. 39.
    Apte, M., Palshikar, G.K., Baskaran, S.: Frauds in Online Social Networks: A Review, pp. 1–18 (2018). Scholar
  40. 40.
    Ferrara, E., Varol, O., Davis, C., Menczer, F., Flammini, A.: The rise of social bots. Commun. ACM. 59, 96–104 (2014). Scholar
  41. 41.
    Rosen, G.: Facebook Publishes Enforcement Numbers for the First Time.
  42. 42.
    Li, F., Mittal, P., Caesar, M., Borisov, N.: SybilControl, vol. 67 (2012).
  43. 43.
    Bilge, L., Strufe, T., Balzarotti, D., Kirda, E.: All your contacts are belong to us, vol. 551 (2009).
  44. 44.
    Egele, M., Stringhini, G., Kruegel, C., Vigna, G.: Towards detecting compromised accounts on social networks. IEEE Trans. Dependable Secur. Comput. 14, 447–460 (2017). Scholar
  45. 45.
    Ruan, X., Wu, Z., Wang, H., Jajodia, S.: Profiling online social behaviors for compromised account detection. IEEE Trans. Inf. Forensics Secur. 11, 176–187 (2016). Scholar
  46. 46.
    Hong, J.: The state of phishing attacks. Commun. ACM 55, 74 (2012). Scholar
  47. 47.
    Thomas, J.E.: Individual cyber security: empowering employees to resist spear phishing to prevent identity theft and ransomware attacks. Int. J. Bus. Manag. 13, 1 (2018). Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  1. 1.National Advanced IPv6 Centre (NAv6)Universiti Sains Malaysia (USM)PenangMalaysia

Personalised recommendations