Banking and Retail Top the List of Industries Targeted by Social Media Phishing Attacks

Social Media Cyber AttacksUsing an external platform trusted by potential victims is proving to be a vital tool in the cybercriminal’s arsenal. New data shows the state of the threat and who’s at risk.

The average business experienced around 81 social media attacks each month in Q1 of this year, according to new data from PhishLabs, increasing 12% over Q4, 2022 and 5% over Q1 of 2022. Dominating the list of industries targeted were banking and retail, which combined, represented nearly 58% of all social media-based attacks.

The predominant attack types were cyberthreats (which I’m interpreting as an attempt to gain access to a victim’s network), and impersonation (likely used as part of credential harvesting scams).


Source: PhishLabs

While phishing continues to be the leading initial attack vector, the use of social media presents attackers with a medium where the victim’s defenses are lowered, the content is less scrutinized, little to no security solutions stand in the way, and attackers can impersonate just about anyone they want.

It’s one of the many reasons why Security Awareness Training is so critical; without the user’s own sense of vigilance elevated at all times, it’s far too easy for attackers to leverage social media for malicious purposes against a willing victim.

Don’t get hacked by social media phishing attacks!

Many of your users are active on Facebook, LinkedIn, and Twitter. Cybercriminals use these platforms to scrape profile information of your users and organization to create targeted spear phishing campaigns in an attempt to hijack accounts, damage your organization's reputation, or gain access to your network.

KnowBe4’s Social Media Phishing Test is a complimentary IT security tool that helps you identify which users in your organization are vulnerable to these types of phishing attacks that could put your users and organization at risk.

SPT-monitorHere's how the Social Media Phishing Test works:

  • Immediately start your test with your choice of three social media phishing templates
  • Choose the corresponding landing page your users see after they click
  • Show users which red flags they missed or send them to a fake login page
  • Get a PDF emailed to you in 24 hours with your percentage of clicks and data entered

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Phishing

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews