Huge Phishing Uptick Targets Facebook, Instagram Users
By: Jim Stickley and Tina Davis
September 23, 2019
Social media fans beware. A new report by Vade Secure finds a 74.7% increase in phishing attacks against Facebook and Instagram fans in the first quarter of this year. Their findings also reveal that for the fourth straight quarter, Microsoft continues to be the most faked brand in phishing attacks. It looks like Facebook, which also owns Instagram and WhatsApp, is also under serious attack. The phishing blitz on other social media sites is also increasing, but Facebook and Instagram users are clearly the hardest hit.
With all of the scandal and security issues Facebook has been embroiled in lately, the Vade Secure report suggests that some security restructuring in Facebook may have actually led to the ongoing increase in phishing attacks against its users. Hackers are well aware of the confusion over Facebook changes and are using that as a serious phishing lure. Capitalizing on user confusion opened enormous phishing opportunities against users, sending emails with links to fake web pages purporting help with user security–but stealing passwords and other data instead.
With social media safety in jeopardy now more than ever, especially email phishing attacks, users of all kinds need to pay attention. The threat is real, and it’s getting worse. From individual social media users to companies and their social media sites, being careful of posting TMI (Too Much Information) is a great safety starter. Hackers troll these sites looking to glean any information they can use to send targeted email phishing lures. Posting employee information like names and job titles is an opening that hackers jump on, especially for those involved in company finances and who work in human resources. It doesn’t take much information to launch phishing email threats.
Keeping phishing in check involves some basic tips we can all use.
- Suspect everything may be phishing; even emails from trusted sources. The sources can be faked, especially when a social media site is full of friends and their names.
- Check email addresses carefully and never open attachments, follow links, or call phone numbers contained in an email. They are often set-ups for malware, fake websites, and vishing (voice) scams–and that rarely ends well.
- Keep operating system, security patches, and app updates tuned to the latest versions available.
- Finally, using security software on all devices is highly recommended.
Sniffing-out phishing emails before you open and engage with them is something that keeps hackers awake at night. Better them than you!