Fake Facebook Pages Account For 60% Of Social Network Phishing

In the first quarter of 2018, Kaspersky Lab’s anti-phishing technologies prevented more than 3.7 million attempts to visit fraudulent social network pages, of which 60% were fake Facebook pages. 

The results, according to Kaspersky Lab’s report, ‘Spam and phishing in Q1 2018’, demonstrate that cyber-criminals are still doing what they can to get their hands on personal data.

Social network phishing is a form of cybercrime that involves the theft of personal data from a victim’s social network account. 
The fraudster creates a copy of a social networking website, such as a fake Facebook page, and tries to lure unsuspecting victims to it, forcing them to give up their personal data, such as their name, password, credit card number, PIN code, and more, in the process.

At the beginning of the year, Facebook was the most popular social networking brand for fraudsters to abuse, and Facebook pages were frequently faked by cybercriminals to try and steal personal data via phishing attacks. This is part of a long-term trend: in 2017, Facebook became one of the top three targets for phishing overall, at nearly 8%, followed by Microsoft Corporation (6%) and PayPal (5%). 

In Q1 2018, Facebook also led the social network phishing category, followed by VK, a Russian online social networking service, and LinkedIn. 

The reason for this is likely to be the worldwide 2.13 billion active monthly Facebook users, including those who log in to unknown apps using their Facebook credentials, thereby granting access to their accounts. This makes unwary Facebook users a profitable target for cybercriminal phishing attacks.

This all reinforces the fact that personal data is valuable in the world of information technology, both for legitimate organisations and for attackers. 

Cyber-criminals are constantly searching for new methods to hit users, so it’s important to be aware of fraudster techniques to avoid becoming the next target. For example, the latest trend is spam emails related to GDPR (Europe’s General Data Protection Regulation).  Examples include offers of paid webinars to clarify the new legislation, or invitations to install special software that will provide access to online resources to ensure compliance with the new rules.

Kaspersky

You Might Also Read: 

Don't Underestimate The Impact Of Phishing:

 

« Artificial Intelligence Or Deep Learning? What's The Difference?
Cybersecurity 2019: Predictions You Can’t Ignore »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

HackerOne

HackerOne

HackerOne was started by hackers and security leaders who are driven by a passion to make the internet safer.

Virtustream

Virtustream

The Virtustream Enterprise Class Cloud provides a secure, highly available, Infrastructure as a Service (IaaS) to enterprises and government customers.

Agari

Agari

Agari is the Trusted Email Identity Company™, protecting brands and people from devastating phishing and socially-engineered attacks.

Pindrop Security

Pindrop Security

Pindrop solutions are leading the way to the future of voice by establishing the standard for security, identity, and trust for every voice interaction.

LEPL Cyber ​​Security Bureau - Georgia

LEPL Cyber ​​Security Bureau - Georgia

The aim of the LEPL Cyber Security Bureau is to create and strengthen stable, efficient and secure systems of information and communications technologies.

Clym

Clym

Clym is the data privacy platform that helps organisations meet their data protection obligations. Cookies, Consent, Requests, Policies and more are all managed in a secure and adaptive application.

ThreadStone Cyber Security

ThreadStone Cyber Security

ThreadStone Cyber Security offer reliable, practical and affordable cyber security solutions for both large and smaller organizations that we develop and deliver ourselves from Europe.

Blue Lance

Blue Lance

Blue Lance is a global provider of cybersecurity governance solutions. Our software solutions automatically collect and store the information necessary for investigations, audit and compliance.

Predatech

Predatech

A cyber security consultancy offering a range of services, including CREST accredited penetration testing, vulnerability assessments and certifications incl. Cyber Essentials & Cyber Essentials Plus.

Fluid Attacks

Fluid Attacks

Fluid Attacks specialize in red team operations as well as technology development that continuously enhance our security testing services.

AEWIN Technologies

AEWIN Technologies

AEWIN is professional in the fields of Network Appliance, Cyber Security, Server, Edge Computing and an ODM/OEM expert.

Wavex Technology

Wavex Technology

Wavex Technology is an award winning IT Services firm offering clients a secure and fully managed IT service.

Stripe OLT

Stripe OLT

At Stripe OLT, we provide complete business technology solutions - Our team has an unrivalled reputation as a Microsoft Gold Partner, specialising in secure, cloud-first technology.

Toka Group

Toka Group

Toka empowers government agencies with critical and previously out-of-reach digital forensics, force protection and Intelligence capabilities, tackling the fields' most pressing challenges.

Rootly

Rootly

Rootly is an incident management platform on Slack that helps automate manual admin work during incidents.

Contextal

Contextal

Contextal develops cutting-edge open-source cybersecurity solutions, designed to connect the dots and detect complex threats, which slip through the existing protections.