Video Becomes the Next Big Bait for Social Engineering

Scammers are always looking for new ways to get potential victims to engage. It appears that the latest trend is to leverage our familiarity with watching video to spawn an attack.

Everyday, people all over the world are engaging with video content on social media as a stimulating medium to learn from or be entertained. So, it makes sense that the bad guys would want to take advantage of the lowered defenses of individuals through the use of fake links to videos.

Video links can be sent to a potential victim via email or social media channels, usually using an “Is this you in the video???” angle of attack to create an emotional response – and get them to click.


9-11-19 Image


It’s important to note that almost none of these attacks involve video at all; they are simply creating the need for a victim to click a malicious link under the guise of it being a video of interest.

Users should be taught to be weary of such requests, even when seemingly coming from someone they know. Hacked social media accounts are valuable social engineering assets to cybercriminals, as they can be used to send the same “Is this you?” message to everyone connected to the compromised account.

Users within organizations should be made aware of these and other tactics aimed at invoking an emotional response (that being the clicking of the malicious link) through continual Security Awareness Training.

Don’t get hacked by social media phishing attacks!

Many of your users are active on Facebook, LinkedIn, and Twitter. Cybercriminals use these platforms to scrape profile information of your users and organization to create targeted spear phishing campaigns in an attempt to hijack accounts, damage your organization's reputation, or gain access to your network.

KnowBe4’s Social Media Phishing Test is a complimentary IT security tool that helps you identify which users in your organization are vulnerable to these types of phishing attacks that could put your users and organization at risk.

SPT-monitorHere's how the Social Media Phishing Test works:

  • Immediately start your test with your choice of three social media phishing templates
  • Choose the corresponding landing page your users see after they click
  • Show users which red flags they missed or send them to a fake login page
  • Get a PDF emailed to you in 24 hours with your percentage of clicks and data entered

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews