Trust is a problem with social media, but not just what appears on those platforms. Although social media can be used to spread misinformation or disinformation, it is also being used to facilitate phishing scams.
The most famous brand in 2021 was Facebook, according to Vade’s predictive email defense provider Vade.
According to the security company, 14 percent of all phishing sites were analyzed by Facebook. Facebook, which sat at number two on Vade’s Phishers’ Favorites list in 2020, clearly saw increased interest from phishers over the last two years. Even more concerning is the fact that phishers continue to target social media users, increasing their focus for the third year in a row.
Erich Kron (security awareness advocate, KnowBe4) stated that this is no surprise. KnowBe4’s quarterly reports on phishing have shown over the past few years that LinkedIn Phishing messages are the number one social media message subject to monitor for.”
Kron sent an email Monday warning that social media had become a very lucrative area for spammers. There is no way to stop it. Cybercriminals cannot afford to miss the opportunity to make huge profits from social media. It has transformed into an area where people can keep in touch and express their opinions.
Social media is a great place to scam people with phishing schemes because users can connect with others they do not know.
Kron stated that social media can be used to interact with strangers and bad actors may have a harder time convincing people they are trustworthy, even if they contact them out of the blue. Kron said that accounts with fewer followers but a history of being around for some time are used to scam potential victims. Scammers find accounts with little influence extremely valuable.
People can easily let their guard down on social media, and that is precisely what phishing scammers hope to achieve.
The speed of social media interaction has taught us how to quickly make decisions and often miss red flags. Kron said that even email notification about potential social media interactions can cause people to click on malicious links quickly, simply because they want the information.
Prime Target Via Social Engineering
LinkedIn and other sites have been a prime target for fraudsters since long.
Kron warned that “bad actors” will sometimes pretend to be job-recruiters to steal sensitive information or to scam individuals into paying fees to assist with job placements. Social media is also a popular tool for cybercriminals to spread malware by infecting documents and linking to others.
Phishing scams also work by targeting the weakest link – people. It is more social engineering than sophisticated technology and can prove very deadly when combined with social networks.
Kron noted that “to help combat these attacks, people need to be alert and aware of posts or emails which cause strong emotions response,” Kron said that people need to be aware of the dangers of allowing social media to push people into action. Take a deep breath, and look at these interactions critically.