Recently, threat intelligence and security tools have been augmented to use the timely and relevant security information extracted from social media. However, both ordinary users and malicious actors may spread misinformation, which can misguide not only the end-users but also the threat intelligence tools. In this work, for the first time, we study the prevalence of cybersecurity and privacy misinformation on social media, focusing on two different topics: phishing websites and Zoom's security & privacy. We collected Twitter posts that were warning users about phishing websites and tried to verify these claims. We found that about 22% of these tweets were not valid claims. We then investigated posts about Zoom's security and privacy on multiple platforms, including Instagram, Reddit, Twitter, and Facebook. To detect misinformation related to Zoom, we first created a ground-truth dataset and a taxonomy of misinformation, and identified the textual and contextual features to be used for training classifiers that detect posts discussing the security and privacy of Zoom and detect misinformation. Our classifiers showed great performance, e.g., the Reddit and Facebook misinformation classifiers reached an accuracy of 99%, while the Twitter and Instagram classifiers reached an accuracy of 98%. Employing these classifiers on the posts from Instagram, Facebook, Reddit, and Twitter, we found that about 3%, 10%, 4%, and 0.4% of Zoom's security and privacy posts, respectively, were misinformation. This highlights the need for social media platforms to dedicate resources to curb the spread of misinformation, and for data-driven security tools to propose methods to minimize the impact of such misinformation on their performance.