Security News > 2022 > March > Social media phishing attacks are at an all time high
The targeting of social media is the highlighted finding in the 2021 Phishing report by cybersecurity firm Vade, who analyzed phishing attack patterns that unfolded throughout 2021.
Phishing actors focused on Facebook and other social media platforms because taking over social media accounts is commonly a stepping stone to reach a wider audience or perform highly effective spear-phishing attacks.
In the first scenario, phishing actors can post links to malware-dropping or phishing sites that their followers, who trust them, are more likely to click on, thus generating traffic towards malicious sites.
As Vade comments, the phishing actors are particularly interested in well-known brands and typically target them during periods of high recognition.
"Vade detected a sophisticated Microsoft phishing attack in which corporate logos and background images were automatically rendered onto Microsoft 365 phishing pages," details the report.
In Microsoft's case, Vade saw a gradual rise in the number of phishing emails as the week progressed, possibly attempting to leverage accumulating tiredness that leads to carelessness and phishing link clicks.
News URL
Related news
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- iOS devices face twice the phishing attacks of Android (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)