According to a new study, scammers are exploiting emails from some of the world's most popular social media sites to launch phishing scams against unsuspecting users. A KnowBe4 report revealed that LinkedIn had become the most popular tool for spotting potential victims. More than half of all phishing emails on social media used the Microsoft-owned platform as the anchor point. Phishing scams target cybercriminal Internet users with fraudulent emails designed to appear to come from a large organization. Social media sites have become increasingly popular with these scams in recent years. Phishing attacks on social networks increased by 75% in 2019.
LinkedIn scam
Overall, KnowBe4's tests revealed that LinkedIn was used in 56% of the top phishing messages, more than any other test on other social networks. The report also noted that password reset emails were particularly effective, as were fake login alerts, birthday invites, and photo tag alerts. So-called "in the wild" attacks have proven to be particularly effective when they ask the recipient to act, for example by asking them to share an Outlook calendar or to be assigned a task on a platform. microsoft. KnowBe4 indicates that their results show the importance of training users to detect and manage potentially malicious messages, especially in the workplace. "It feels good to 'join my network' or communicate one way or another, which is why phishing attacks on social media are so successful." said Stu Sjouwerman, CEO of KnowBe4. "Users naturally trust their 'verified' contacts, so they're more likely to click on a link from someone they know. It's getting harder to spot phishing attacks, but our users are smarter than they think bad guys and can be trained to identify and prevent phishing and social engineering attacks."