Cybercriminals increase phishing attacks on social networks

Internet users are exposed to many types of attacks. The different attacks with which our computers can be infected are the different types of malware, viruses, Trojans and computer worms. Another one that is on the rise as well, and whose objective is to steal the credentials of our accounts, are phishing attacks. In this regard, many of the attacks of this type that occur today are aimed at social networks. In this article we are going to see how attackers increase phishing attacks on social networks thanks to a study by PhishLabs.

Cybercriminals increase phishing attacks on social networks

Trend of threats such as Phishing

In PhishLabs’ quarterly report, throughout 2021 it has detected and mitigated a large number of phishing, social media, email, and dark web threats targeting a wide range of businesses and brands. It should be noted that phishing remains the dominant attack vector for cybercriminals . If we make a comparison with the year 2020 we can see that it has increased by 31.5% .

According to John LaCour, founder and CTO of PhishLabs, in early summer 2021 we saw a drop in phishing volume. However, it also adds that this was punctual since this type of attack increased again in the months of July and September. Many IT security teams will have been dealing with an onslaught of threats over the holidays. In this regard, it can be very important to know why phishing messages succeed and how to protect ourselves.

Another factor to keep in mind is that operators’ telecommunications data is also still being traded on Dark Web sites. Cybercriminals who gain access to account details after obtaining login credentials may gain access to payment method details and sensitive information. Currently, as we will see below, phishing in social networks as a way for bad actors to profit is the order of the day

The rise of phishing on social networks

Cybercriminals, when carrying out their attacks, look for profitable targets that allow them to obtain benefits of some kind. In that regard, right now social media is now their preferred attack target , and targeted attacks are steadily increasing, with an 82% increase this year. The payment services industry also continues to be the most targeted, but staffing and hiring saw the sharpest increase in attacks compared to the second quarter.

Another thing talked about in this report is that Vishing incidents have also doubled and even tripled in number, for the second quarter in a row. In case you do not know, it is a type of social engineering scam in which, through a phone call, the identity of a trusted company, organization or person is impersonated, in order to obtain personal and sensitive information. of the victim.

One thing is clear, phishing attacks on social networks are on the rise. John LaCour believes that with the continuous increase in threats on social networks, it is necessary for companies to prioritize their visibility on platforms such as Twitter, Facebook, Instagram and more. In addition, he adds that as seasonal hiring for the holidays increases, the staffing industry in particular must be prepared to deal with online problems of phishing and other scams. Here you can consult the report on the PhishLabs website.

How to be more protected from these attacks

To be more protected from phishing on social networks, we should think about activating multi-factor authentication in our accounts . Thus, even in the hypothetical case that they get our password, they would lack a second factor that could be, for example, putting a code that we obtain from Google Authenticator. Today the vast majority of major social networks have a two-step security verification. In this article we recommend activating it for greater security.

Finally, you may be interested in knowing the most common Phishing strategies in social networks such as Facebook, Instagram, LinkedIn and Twitter.