Malware and spam attacks against users of social networking sites such as Facebook and Twitter have increased by 70% in the past year, according to a report by Sophos.
A survey of 500 organisations revealed that cyber criminals have targeted 57% of users of social networking sites with spam and 36% with malware in the past year.
Some 72% of firms surveyed said they were concerned about employees' behaviour on social networks putting their business at risk of losing sensitive data.
But 49% of firms allow employees unrestricted access to Facebook, up 13% in the past year.
Cybercriminals are targeting social networking sites because more people are using these sites to share personal information, said Graham Cluley, senior technology consultant at Sophos.
"The dramatic rise in attacks in the last year tells us that social networks and their millions of users have to do more to protect themselves from organised cybercrime," he said.
Criminals typically identify victims on social networks and then attack them at home and at work, said the report.
"Social networks can be an essential part of the business mix, so the answer is not to bar access, but to apply some social security instead," said Cluley.
This involves a combination of web filtering to scan every link in every web page viewed, anti-virus on computers to stop malicious code executing, and user education," he said.
For example, businesses must make employees aware of the dangers of sharing all their personal details online and warn them to be extremely careful about who they connect to on social networking sites, said Cluley.
Comprehensive malware protection and a unified approach to providing sensible, granular access control, secure encryption and data monitoring is mandatory for businesses to operate in the modern socially networked world, the report said.