Security News > 2022 > March > Social media phishing attacks are at an all time high

The targeting of social media is the highlighted finding in the 2021 Phishing report by cybersecurity firm Vade, who analyzed phishing attack patterns that unfolded throughout 2021.
Phishing actors focused on Facebook and other social media platforms because taking over social media accounts is commonly a stepping stone to reach a wider audience or perform highly effective spear-phishing attacks.
In the first scenario, phishing actors can post links to malware-dropping or phishing sites that their followers, who trust them, are more likely to click on, thus generating traffic towards malicious sites.
As Vade comments, the phishing actors are particularly interested in well-known brands and typically target them during periods of high recognition.
"Vade detected a sophisticated Microsoft phishing attack in which corporate logos and background images were automatically rendered onto Microsoft 365 phishing pages," details the report.
In Microsoft's case, Vade saw a gradual rise in the number of phishing emails as the week progressed, possibly attempting to leverage accumulating tiredness that leads to carelessness and phishing link clicks.
News URL
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Cybercriminals shift focus to social media as attacks reach historic highs (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)