Fake Facebook Pages Account For 60% Of Social Network Phishing
In the first quarter of 2018, Kaspersky Lab’s anti-phishing technologies prevented more than 3.7 million attempts to visit fraudulent social network pages, of which 60% were fake Facebook pages.
The results, according to Kaspersky Lab’s report, ‘Spam and phishing in Q1 2018’, demonstrate that cyber-criminals are still doing what they can to get their hands on personal data.
Social network phishing is a form of cybercrime that involves the theft of personal data from a victim’s social network account.
The fraudster creates a copy of a social networking website, such as a fake Facebook page, and tries to lure unsuspecting victims to it, forcing them to give up their personal data, such as their name, password, credit card number, PIN code, and more, in the process.
At the beginning of the year, Facebook was the most popular social networking brand for fraudsters to abuse, and Facebook pages were frequently faked by cybercriminals to try and steal personal data via phishing attacks. This is part of a long-term trend: in 2017, Facebook became one of the top three targets for phishing overall, at nearly 8%, followed by Microsoft Corporation (6%) and PayPal (5%).
In Q1 2018, Facebook also led the social network phishing category, followed by VK, a Russian online social networking service, and LinkedIn.
The reason for this is likely to be the worldwide 2.13 billion active monthly Facebook users, including those who log in to unknown apps using their Facebook credentials, thereby granting access to their accounts. This makes unwary Facebook users a profitable target for cybercriminal phishing attacks.
This all reinforces the fact that personal data is valuable in the world of information technology, both for legitimate organisations and for attackers.
Cyber-criminals are constantly searching for new methods to hit users, so it’s important to be aware of fraudster techniques to avoid becoming the next target. For example, the latest trend is spam emails related to GDPR (Europe’s General Data Protection Regulation). Examples include offers of paid webinars to clarify the new legislation, or invitations to install special software that will provide access to online resources to ensure compliance with the new rules.
You Might Also Read:
Don't Underestimate The Impact Of Phishing: