Security News > 2020 > October > Facebook: A Top Launching Pad For Phishing Attacks
Amazon, Apple, Netflix, Facebook and WhatsApp are top brands leveraged by cybercriminals in phishing and fraud attacks - including a recent strike on a half-million Facebook users.
Facebook has been a top cybercriminal favorite in phishing attacks so far this year, with recent research shedding light on 4.5 million phishing attempts that have leveraged the social media platform between April and September 2020.
When victims clicked on the link, they were redirected to multiple websites and ultimately led to a Facebook phishing page.
Previous cybercriminals have also targeted Facebook over the years with new tricky tactics, including reproducing a social login prompt in a "Very realistic format" inside an HTML block, and targeting Facebook's ad platform for years in an attack that siphoned $4 million from users' advertising accounts.
Facebook is also one of the most-used services by corporate employees, with Kaspersky finding that YouTube and Facebook are the top two services that employees at small and medium businesses access on their corporate devices.
News URL
https://threatpost.com/facebook-launching-pad-phishing-attacks/160351/
Related news
- How Phishing Attacks Adapt Quickly to Capitalize on Current Events (source)
- Google raps Iran's APT42 for raining down spear-phishing attacks (source)
- Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks (source)
- Cybercriminals exploit file sharing services to advance phishing attacks (source)
- CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait (source)
- How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back (source)
- Novel attack on Windows spotted in phishing campaign run from and targeting China (source)
- Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks (source)
- Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)