Internet social networks such as Facebook, LinkedIn, and Twitter have fundamentally changed the way we conduct business and interact with each other, but have also created a new type of criminal enterprise. With more than 2 billion users on Facebook alone, social media has provided cyberwarriors with a wealth of personal information to exploit. Cyber ​​warrior is defined as a computer expert engaged in the infiltration or sabotage of information systems, or in the defense of information systems against external attacks, usually for strategic or military purposes. Say no to plagiarism. Get a tailor-made essay on “Why Violent Video Games Should Not Be Banned”? Get an Original Essay Given this definition, the term cyber warrior can take on different meanings depending on the context in which it is used. This term can refer to someone with malicious intentions, such as a hacker, or to a professional who strives to defend against such attackers. With so many social networks available in today's digital age, a cyber warrior has a lot of options to choose from. In 2017, there were 2 billion monthly active users on Facebook and over 1 billion daily active users using account information such as names, dates of birth, places of employment, addresses and even current locations. LinkedIn is a professional network that in 2016, 128 million Americans registered on the site, while India came in second with 35 million. In third place, Brazil comes in with 25 million registered members, while other smaller countries have around 1 million users. The networking site allows members to create profiles and connect with others in order to establish professional relationships. Instagram and Twitter are also notorious networks that cyber warriors turn to for information gathering. Cybercrime on social media can be categorized in three ways. The first large-scale traditional scams try to trick you into clicking on something or visiting pages that will spread malware to your computer. The second, and less obvious, solution would be for the criminal to seek to inadvertently publicly expose personal data and ultimately use social media to exchange ideas, connect, and exchange stolen information. In the context of cybercriminals, the interconnectivity of social media creates ideal conditions for cyber warriors looking for a specific target to gather information about an individual or company. Most users now have multiple devices such as computers, iPads, iPods and smartphones, which communicate and share information within our own personal networks and one of these can easily be overlooked from the point from a security perspective. The human trust trait that leads many people or employees to fall prey to scams or malvertising campaigns is the gamble of most cybercriminals. Most social media users simply don't realize the amount of information they share through their accounts or the implications of the information they share. Password questions such as "what model was your first car" or "what was the name of your first pet" could be found by digging through a person's old posts.social media account or by simply tapping the “About” tab in your account. Facebook page. Geolocations is another feature that most users are unaware of and even ignore its existence. Geotags are embedded in photos and videos taken with GPS-equipped smartphones and digital cameras and can be left on those smartphones, which today continuously stream Facebook as well as real-time locations. Even businesses are connected to Facebook and Twitter through the networks they use to open these accounts, not to mention the public Wi-Fi these companies can offer. Cybercriminals can use the information they collect from these targets' social media accounts to feign familiarity. People in particular job roles can be located and identified in just a few clicks. Once identified as "tracked", their social relationships can be mapped to develop extremely detailed graphs showing shared posts, individual interests, recent trips to conferences, or any other information relevant to the end game. Once this information is collected , cybercriminals have all the assets they need to write emails that are detailed enough to be convincing. Criminals wishing to spread targeted malware or ransomware launch more detailed attacks with carefully crafted emails regularly tricking staff into initiating questionable wire transfers or opening malicious attachments, which can result in ransomware lockout, a local malware infection or complete disabling of their network. The tactic employed that uses data collected from social media is called a "whaling" attack in which the criminal spoofs the sender's name and email address, mentions a recent shared experience, possibly from a post on social media to alleviate skepticism, and crafts a message. just to have to make a bank transfer urgently. The same can be used to trust individuals' personal emails rather than just professional networks. In terms of cybersecurity, professional ethical hackers from FireEye's Mandiant Red Team Operations tested this theory and sent a client organization a carefully crafted email. The results revealed that 400 of the 600 employees clicked on the attachment. If a cyber warrior wants to investigate a given individual's work habits, the company and position they hold, or the people they have professional and private contact with, this information can often be easily followed on social networks. This becomes much easier if the target has made a lot of private information on their profile public. Recent figures from the US FBI suggest that fraudulent emails, sent by cybercriminals posing as CEOs and other key executives, cost US businesses $2. 3 billion between October 2013 and February 2016, during which time the FBI received some 17,642 reports of such scams. They found that seventy-two percent of attackers impersonated the CEO and thirty-five percent of respondents impersonated the CFO to target key financial managers and other executives. While in many cases the initial scam might simply involve having the target click on an email to open it, the initial malware could be clicked on and the next phase of the scam could ensue..