Security-related threats to online social media often increase during a pandemic such as COVID-19, along with changes in the work environment. For example, employees in many companies and organizations have started to work from home due to the COVID-19 pandemic. This working style has increased remote activity and reliance on email for communication, creating ideal conditions for email fraud schemes. Motivated by this observation, the main purpose of this work is to evaluate the privacy policy of online social media and identify potential security-related problems. First, we perform a risk analysis of online social media networks such as Facebook, Twitter and LinkedIn using the STRIDE model, with the aim of finding threats and vulnerabilities in online social media. This analysis found phishing to be a main threat in online social media: a social engineering attack in which users are persuaded through fake messages or emails to give up their personal credentials.