Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Phishing Attacks on Social Media Doubled Over 2021

    Phishing Attacks on Social MediaPhishing attacks on social media doubled over the course of 2021, according to a new report from PhishLabs by HelpSystems. Most (68%) of these attacks targeted organizations in the financial sector, followed by the telecommunications sector in second place at 24%.

    “According to the findings, the number of social media attacks per target increased 103% from January 2021, when enterprises were experiencing an average of just over one threat per day,” the researchers state. “In December, enterprises averaged over 68 attacks per month, or more than two per day.”

    The researchers also observed a significant rise in phishing emails that attempt to trick victims into calling the scammers.

    • “Hybrid Vishing (voice phishing) attacks initiated by email increased 554% in volume from Q1 to Q4.
    • “Phishing volume has grown 28% year-over-year, with half of all phishing sites observed in Q4 being staged using a free tool or service.
    • “Malware delivered via email nearly tripled in Q4, led by a resurgence in Qbot and ZLoader attacks.
    • “70% of advertisements for stolen data took place on chat-based services and carding marketplaces in Q4.
    • “The percentage of attacks targeting financial institutions increased from 33.8% in Q1 to 61.3% of all phishing sites observed in Q4.”

    John LaCour, Principal Strategist at HelpSystems, stated that organizations’ security teams need to be aware of social engineering attacks on social media.

    “2021 was another record-setting year for social media as a threat channel,” LaCour said. “Threat actors use social media to commit fraud, impersonate brands and executives, and launch a variety of cyber threats, forcing security teams to monitor a variety of platforms for activity targeting their enterprise. Financial Institutions were the most actively targeted by threat actors since their services are often used broadly across several business sectors.”

    New-school security awareness training can enable your employees to recognize phishing and other social engineering attacks.

    PhishLabs has the story.

     

    Return To KnowBe4 Security Blog

    Don’t get hacked by social media phishing attacks!

    Many of your users are active on Facebook, LinkedIn, and Twitter. Cybercriminals use these platforms to scrape profile information of your users and organization to create targeted spear phishing campaigns in an attempt to hijack accounts, damage your organization's reputation, or gain access to your network.

    KnowBe4’s Social Media Phishing Test is a complimentary IT security tool that helps you identify which users in your organization are vulnerable to these types of phishing attacks that could put your users and organization at risk.

    SPT-monitorHere's how the Social Media Phishing Test works:

    • Immediately start your test with your choice of three social media phishing templates
    • Choose the corresponding landing page your users see after they click
    • Show users which red flags they missed or send them to a fake login page
    • Get a PDF emailed to you in 24 hours with your percentage of clicks and data entered

    Go Phishing Now!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/social-media-phishing-test

    Topics: Phishing

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews