We are in an age where reality TV stars create Instagram handles for their new-born children weeks before they are born. The President of the United States wages war over Twitter, and self-validation comes from the number of likes we receive on a single photo.
In the early part of 2017, the Office for National Statistics found that 90 percent of households in the UK had internet access and 73 percent of adults accessed the internet “on-the-go” via a mobile device – more than double the 2011 rate (36%). At last count, the number of social media users in the UK stood at 39 million – a figure that was predicted to rise as high as 42 million by the end of last year. It therefore comes as no surprise that the three primary vectors cybercriminals choose to target businesses, governments and individuals are email, mobile, and social media.
Cybercrime on the rise
Cybercriminal activity is continuously evolving in both its methods and sophistication, and threat actors are unceasingly adapting and upgrading their approaches.
Cybercriminals have always focused on exploiting weaknesses. A key difference, however, is that in the past they would look for software or network vulnerabilities, and while this continues to take place, another flaw has been identified: people.
This means that despite the growing awareness around cybersecurity, attacks are not only common, but also on the rise, leaving individuals, businesses and organisations highly exposed.
Over the last year, it has become very clear that the growing popularity of social platforms goes hand in hand with an increase in vulnerability. They have become a breeding ground for a variety of threats, from malware distribution to phishing.
Fraudulent social media accounts burst onto the scene and became a major feature of the threat landscape in 2016. These so-called “angler phishing” attacks – where a fake customer-support account promises to help customers, but instead attempts to steal credentials – grew by an astonishing 150 percent in 2016.
It is unsurprising, therefore, that Proofpoint’s Quarterly Threat Reports have shown a dramatic rise in fraudulent social media customer service accounts over the last six months.
In Q2 2017 alone, there was a staggering surge in social media attacks, with a 300 percent increase in the number of fraudulent support accounts used for social media “angler phishing” and a 70 percent increase in phishing links from the previous quarter.
The Growth of Angler Phishing
Phishing on social media – where attackers post random malicious links on brands’ social media pages – saw an increase of 10 percent between Q2 and Q3 of last year, but fake customer support accounts remained the threat tactic of choice, with usage continuing to grow a further 5 percent from the previous three months, meaning that it now stands at double what it was the year before.
It became fairly evident last quarter that there has been a broad shift in social media attacks. Whilst attackers are still quick to respond to events or seasonal trends with conventional phishing across social media platforms, they are increasingly turning their attention to more lucrative angler phishing.
Although standard credential phishing through social media may be an easier and simpler attack to carry out, targeted angler phishing has a better chance of success. This is because it appears more human and personal than random links posted in a comments section, so consumers believe these social accounts are legitimate brand profiles.
Cybercriminals understand that a brand’s reputation is everything. People trust brands they know and as a result, attackers continue to exploit the trust placed in household names.
How can you protect your brand?
We have to assume that human curiosity coupled with confidence in household brand names will lead people to click.
Criminals will continuously find new ways to exploit the human factor, so it is critical for brands to safeguard their image and reputation, and leverage solutions that identify and quarantine cyber threats targeting customers before they reach their social media feeds.
It is therefore advisable to implement a comprehensive social media security solution that scans all social networks, reports any fraudulent activity and alerts you to lookalike social media account impersonation attacks, especially those offering fraudulent “customer-support” services. The solution should not only detect infringing accounts, but work with takedown services to stop them from defrauding your customers and partners.
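As an added illustration of the lookalike-account check described above (not code from this article or from any vendor's product), the sketch below triages account handles against a brand's official ones. The brand "examplebank", its official handles, the keyword list and the sample handles are all constructed assumptions.

```python
import re
from difflib import SequenceMatcher

# Assumptions for this sketch: "examplebank" is a made-up brand, and the
# handle lists below are constructed sample data, not real accounts.
BRAND = "examplebank"
OFFICIAL = {"examplebank", "examplebank_help"}
SUPPORT_WORDS = ("support", "help", "care", "service", "assist")
# Digit-for-letter swaps commonly seen in lookalike handles.
SWAPS = str.maketrans("01345", "oleas")


def normalize(handle):
    """Lower-case the handle, undo digit swaps and drop separators."""
    text = handle.lstrip("@").lower().translate(SWAPS)
    return re.sub(r"[^a-z]", "", text)


def classify(handle, brand=BRAND, threshold=0.85):
    """Return 'official', 'likely-impersonation', 'lookalike' or 'unrelated'."""
    if handle.lstrip("@").lower() in OFFICIAL:
        return "official"
    core = normalize(handle)
    # Fake support accounts pair the brand name with a help-desk keyword.
    has_support_word = any(word in core for word in SUPPORT_WORDS)
    for word in SUPPORT_WORDS:
        core = core.replace(word, "")
    similar = brand in core or SequenceMatcher(None, core, brand).ratio() >= threshold
    if similar and has_support_word:
        return "likely-impersonation"
    return "lookalike" if similar else "unrelated"


def triage(handles):
    """Map each handle to its verdict so non-official hits can be reviewed."""
    return {h: classify(h) for h in handles}


CONSTRUCTED_HANDLES = [
    "@ExampleBank_Help",      # the brand's real support account
    "@Examp1eBank_Support",   # digit swap plus support keyword
    "@AskExampleBankCare",    # brand name embedded with support keyword
    "@ExampleBnk",            # near-miss spelling, no support keyword
    "@gardening_tips",        # unrelated account
]

if __name__ == "__main__":
    for handle, verdict in triage(CONSTRUCTED_HANDLES).items():
        print(f"{handle:24} {verdict}")
```

Handles flagged as likely impersonation are candidates for manual review and a takedown request; the similarity threshold is a tunable assumption, not a recommended value.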
As social media continues to have an all-encompassing presence in our day-to-day lives and people use these platforms as a way to directly communicate with organisations, it is crucial that brands take steps to protect themselves and their customers. Human nature means that we will continue to be a weak link in the security chain, no matter how savvy we think we are online. Attackers will continue to take advantage of human vulnerabilities, such as “trust”, so brands must do all that they can to protect against these social fraudsters.