Ron Storfer.
Opinion

AI has turned social media into the enterprise’s new blind spot

While millions are spent on cloud security, zero is spent on the Instagram account. In the social media era, the business impact of a compromised account can be enormous. 

Imagine a scenario in which the social media account of an airport, a bank, a public company, a hospital, or a government agency is hacked. An airport account reports an attack. A public company announces it is stopping sales of a major product. A bank account posts false information about withdrawals. A hospital account tells patients to avoid the facility. A consumer brand account publishes offensive or manipulated content. Even if the message is deleted within minutes, the damage may already be done to revenue, stock price, customer trust, and public safety.
For years, companies treated social media as a marketing channel: a place to launch campaigns, answer customers, publish thought leadership, and build communities. But in the AI era, social media is no longer just a marketing asset. It has become one of the most exposed, high-impact attack surfaces in the enterprise.
And the problem is simple: the people managing these accounts are usually not security teams. They are marketing managers, social media managers, agencies, creators, community teams, freelancers, and customer support teams. Their job is speed, creativity, and engagement. They need to post quickly, react to trends, approve content, collaborate with agencies, and manage multiple platforms at once. Security, on the other hand, was built for a different world: corporate devices, email accounts, identity providers, SSO, SCIM, SIEM alerts, and structured access management.
Social media sits in the middle, and too often, it belongs to nobody.
According to research (DataReportal), 85% of social media teams still share passwords or two-factor authentication codes in some form. Sometimes it is a password manager. Sometimes it is WhatsApp. Sometimes it is an email. Sometimes it is simply, “Send me the code quickly, I need to post now.” In any other enterprise system, that would be considered a serious security failure. However, on social media, it is still considered normal.
Targeting a social media manager used to require effort. An attacker had to study the brand, understand the agency relationships, learn the internal language, and craft something convincing. That friction was a natural filter.
AI has eliminated it. Today, an attacker can scrape a brand's LinkedIn and Instagram, analyse months of campaign content, clone the tone and style of internal communications, and generate a phishing message or a fake login page for the social management tool the team already uses, in minutes. They can impersonate the account manager at the agency. They can fake a platform support alert. They can generate a creative brief that looks completely legitimate.
Yubico's 2024 research found that 72% of security professionals believe phishing has become more sophisticated due to AI, and 66% believe it has become more successful. For social media teams — who are not trained to spot these attacks and who operate under constant time pressure — the exposure is severe.
The instinct when hearing this is to say: just enable MFA. But the data does not support that comfort. Proofpoint reported that in 2024, 99% of the enterprise tenants it monitored were targeted by account takeover attempts, and 62% experienced at least one successful takeover. More striking: 65% of those successful takeovers involved accounts that already had MFA enabled.
Attackers are not guessing passwords anymore. They are manipulating the humans and workflows around authentication, and social media teams, by the nature of how they work, are uniquely exposed to exactly that kind of attack.
The result is a growing gap between how important social media has become to the business and how casually it is still managed inside many organizations. As AI makes impersonation, phishing, automation, and account manipulation easier to scale, this gap will become harder to ignore. Companies can no longer treat social media as a side channel owned only by marketing, and the question remains: Which CISOs will be the first to close that gap?
Ron Storfer is the Co-Founder and CPO at Spikerz Security.