Social media plays an important role in many people’s private lives. Social media is also the place of greatest activity for digital marketing. So it is not surprising that fraudsters who are up to mischief on the Internet abuse this huge network for their own purposes. This cyber scam takes place on popular platforms like Facebook, Instagram or Twitter.
Fraudsters pretend to be friends or companies in order to obtain personal data or bank and registration information. This is often done via dangerous links or fake login pages, where users then enter their own information. This information is then intercepted and stored on scammers’ servers to be used against victims. Classic email phishing is just as common, but in the context of social media. The user is z. B. informed that he has new messages in his mailbox and will be forwarded to them via a direct link. The wrong indication that the password no longer corresponds to the standard and must be changed is also known.
This not only poses a threat to private individuals, but also to companies directly and indirectly, such as when employees are personally attacked. According to PhishLabs surveys, the average business experienced around 81 social media attacks each month in the first quarter of this year. The list of affected industries is led by banks and retail, which together accounted for nearly 58 percent of all social media attacks. Providers of cryptocurrencies follow in next place.
The top social media threats:
- Cyber threats (e.g. malware): 33 percent
- Imitation: 26 percent
- Fakes: 22 percent
- Fraud: 17 percent
The reason social media phishing is so attractive is that there is less content scrutiny, little to no security in the way, and attackers can pose as just about anyone. This is one of the many reasons security awareness training is so important. Without users’ constant vigilance, it is far too easy for attackers to use social media for malicious purposes against a suitable victim.
In order to improve user safety, the social media platforms themselves must also tighten their measures. The introduction of reliable security measures such as two-factor authentication and regular user awareness campaigns are important to avoid phishing attacks.
