Chris Swagler | March 13th, 2022

The latest data suggests there are nearly 4 billion social media users worldwide who rely on various platforms for communication, news, and entertainment. At the same time, threat actors are ramping up phishing campaigns aimed at those users. A phishing report by a prominent cybersecurity company, which examined phishing attack patterns from 2021, reviewed 184,977 phishing pages and drew its statistics from the roughly one billion corporate and consumer mailboxes the company protects. The researchers noted an increase in the sophistication of phishing attacks, an evolution in tech support scams, and the dominance of COVID-19 and package-shipping lures.

Phishing actors concentrate their efforts on social media platforms because control of an individual account is frequently a stepping stone to a larger audience or to highly effective spear-phishing attacks. From a compromised account, the actor can post links to malware-dropping or phishing sites, and followers are likely to click because they trust the account, which drives traffic to the harmful sites. The more popular the compromised account, the larger the pool of potential victims. This is widely seen on Twitter, where breached "verified" accounts are used to promote crypto scams.

Phishing actors are especially interested in well-known brands and target them during periods of high public attention. In spear phishing, the actors may use a compromised account to message the victim's family and friends directly and run highly targeted social engineering against them. Even when threat actors have no interest in exploiting the account this way, they can still monetize the stolen credentials by extorting the victim for ransom or selling the credentials to other threat actors.

Other key findings in the analysis include the fact that phishing actors have become more sophisticated when targeting corporate users and their Microsoft 365 accounts. According to the report, the cybersecurity company discovered a Microsoft phishing kit that automatically reproduced the target company's logo and background image on its Microsoft 365 phishing pages. The page was highly targeted: it rendered the lure only if the person who received the email was the intended victim, which the kit confirmed by issuing an API call to Microsoft with the victim's email address. Once the identity was confirmed, the kit used an HTTP POST request to fetch and load the target's employer logo and background. Because the page looks like the company's own branded sign-in screen, dynamically loaded phishing pages are considerably more likely than ordinary phishing pages to lure victims into entering their Microsoft credentials.
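As an added example, written for this page rather than taken from the report or from SpearTip, the following Python heuristic inspects a fetched sign-in page for the pattern just described: a Microsoft-style login form hosted somewhere other than Microsoft's login domains, the target's address carried in the URL so the kit can check the recipient before rendering, credentials posted back to the hosting domain, and script that loads a logo and background only after sending that email address. The allow-list of Microsoft sign-in hosts, the CDN host names, the text markers and both sample pages are assumptions constructed for the example; tune them before using the check against real web-proxy or sandbox captures.

```python
import re
from urllib.parse import urlsplit, urljoin, unquote

# Assumption: hosts on which a Microsoft account sign-in form is expected.
# Extend this for your own federation/SSO endpoints.
MICROSOFT_LOGIN_HOSTS = {
    "login.microsoftonline.com",
    "login.live.com",
    "login.microsoft.com",
}
# Assumption: CDN hosts from which the genuine sign-in page loads its assets.
MICROSOFT_ASSET_HOSTS = ("aadcdn.msftauth.net", "aadcdn.msauth.net")
# Text markers that suggest a page is imitating the Microsoft sign-in form.
MS_FORM_MARKERS = ("loginfmt", "sign in to your account", "microsoft")

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
FORM_ACTION_RE = re.compile(r"<form[^>]*\baction\s*=\s*[\"']([^\"']+)[\"']", re.I)
# A request call followed within a few hundred characters by logo/background handling.
DYNAMIC_BRANDING_RE = re.compile(
    r"(fetch\(|XMLHttpRequest|\$\.(?:post|ajax))[\s\S]{0,400}?(logo|background)", re.I)


def is_microsoft_host(host):
    return host.lower() in MICROSOFT_LOGIN_HOSTS


def analyze_page(url, html):
    """Return the host, the list of findings and a verdict for one fetched page."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    lowered = html.lower()
    findings = []

    # 1. Microsoft-style sign-in form served from a domain Microsoft does not own.
    looks_like_ms_login = any(m in lowered for m in MS_FORM_MARKERS)
    if looks_like_ms_login and not is_microsoft_host(host):
        findings.append("microsoft_login_form_on_foreign_host")

    # 2. Target pre-keyed: an address in the query or fragment lets the kit verify
    #    the recipient before deciding whether to render the lure.
    if EMAIL_RE.search(unquote(parts.query)) or EMAIL_RE.search(unquote(parts.fragment)):
        findings.append("target_email_in_url")

    # 3. Credentials would be posted to a non-Microsoft host.
    for action in FORM_ACTION_RE.findall(html):
        action_host = (urlsplit(urljoin(url, action)).hostname or "").lower()
        if not is_microsoft_host(action_host):
            findings.append("form_posts_to_foreign_host")
            break

    # 4. Script sends the email address and then swaps in a logo/background.
    if DYNAMIC_BRANDING_RE.search(html) and "email" in lowered:
        findings.append("branding_loaded_from_email")

    # 5. Genuine Microsoft assets referenced from a foreign host (cloned page).
    if not is_microsoft_host(host) and any(h in lowered for h in MICROSOFT_ASSET_HOSTS):
        findings.append("microsoft_assets_on_foreign_host")

    # A foreign-hosted Microsoft form plus at least one supporting indicator is enough.
    phishing = "microsoft_login_form_on_foreign_host" in findings and len(findings) >= 2
    return {"host": host, "findings": findings, "verdict": "phishing" if phishing else "benign"}


# Constructed samples (not real captures). The kit page reads the target address from
# the URL fragment, POSTs it to its own backend and paints the returned branding.
PHISH_URL = "https://secure-docs-review.example/o365/#alice@contoso.example"
PHISH_HTML = """<html><head><title>Sign in to your account</title></head><body>
<img id="logo" src="">
<form id="f" method="post" action="/next.php">
<input type="email" name="loginfmt" id="loginfmt"><input type="password" name="passwd">
</form>
<script>
var email = decodeURIComponent(location.hash.substring(1));
document.getElementById('loginfmt').value = email;
fetch('/brand.php', {method: 'POST', body: 'email=' + email})
  .then(r => r.json())
  .then(b => { document.getElementById('logo').src = b.logo;
               document.body.style.backgroundImage = 'url(' + b.background + ')'; });
</script></body></html>"""

LEGIT_URL = ("https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
             "?client_id=1234&login_hint=alice%40contoso.example")
LEGIT_HTML = """<html><head><title>Sign in to your account</title></head><body>
<form action="/common/login" method="post">
<input type="email" name="loginfmt" id="loginfmt">
</form></body></html>"""

if __name__ == "__main__":
    for url, html in ((PHISH_URL, PHISH_HTML), (LEGIT_URL, LEGIT_HTML)):
        print(analyze_page(url, html))
```

The verdict deliberately keys on the form's hosting domain: a real login_hint in the query string or a branded background on the genuine page is normal, so those indicators only count once the form itself is served from a host Microsoft does not own.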

Avoid Becoming a Social Media Phishing Victim

How to Protect Against Phishing Attacks on Social Media

- Check and regularly update the privacy settings on your social media accounts. Use the options that allow only people you know to view your posts, and opt out of targeted advertising to prevent third-party apps from accessing your profile information.

With billions of active users, social media networks are prime phishing targets for cybercriminals. That's why it's important for companies and individuals to stay ahead of the current threat landscape, secure their accounts, and keep their profiles private. At SpearTip, our certified engineers continuously monitor companies' networks for potential threats from our 24/7/365 Security Operations Centers. We also specialize in incident response and breach handling, with one of the fastest response times in the industry. Furthermore, our ShadowSpear Platform is an unparalleled resource that optimizes visibility and integrates with cloud, network, and endpoint devices to provide an extra layer of protection, preventing potential cyber threats, including phishing attempts, from reaching your personal information.

If your company is experiencing a breach, call our Security Operations Centers at 833.997.7327 to speak directly with an engineer.