By John LaCour | September 8, 2021
Social media threats targeting enterprises have increased 47% since January 2021, according to PhishLabs Quarterly Threat Trends & Intelligence Report. While the attack volume varies by industry, today the average organization is being targeted on social media with increasing frequency.
Every quarter, PhishLabs analyzes and mitigates hundreds of thousands of phishing and social media attacks targeting enterprises. In this post, we discuss the top social media threats and which industries are targeted the most often.
Increase in Social Media Attacks
Enterprises are being targeted more frequently on social media. At the onset of 2021, the average business experienced approximately 34 attacks on various social media platforms per month. By June, this number climbed to 50, representing a 47% increase.
Social media has rapidly grown into a popular attack vector for threat actors due to its extensive user base and uninhibited sharing nature. The wide variety of content available on social media makes legitimate organizations ripe for abuse, as threat actors can easily impersonate brands, employees, or their customers.
Top Social Media Threats Quarter over Quarter Change
Fraud-related social media attacks were detected most often, contributing to more than 45% of total threat volume. This represents a 24% increase in share from Q1 and is the only threat type to experience a gain in share from Q1 to Q2.
Fraud on social media is defined as an incident designed to deceptively deny a right to a victim or provide illegal gain to the threat actor. Examples of fraud include the unauthorized sale of account credentials, exposure of banking details, or providing access to tools designed to commit fraud.
Employee, Brand, and Executive Impersonations contribute to 22% of all social media threats. Threat actors incorporate legitimate logos and content in their attacks to trick users into believing they are interacting with a legitimate organization or individual. Social media users are historically less security vigilant, making impersonation a particularly effective tool.
Cyber Threats and Data Leaks on social media both decreased in share from Q1, representing just over 32% of attacks. Physical Threats were negligible, reported only 0.3% of the time.
Attacks on social media targeting Payment Services, Broadcast Media, and Healthcare have experienced significant increases. Payment Services were targeted the most, with threat activity growing more than 500%. Detected attacks on the Healthcare industry represented the second highest increase, moving up in rank from 17th to 10th.
Threat actors are also targeting traditional Broadcast Media and streaming services, with attacks increasing more than 100% since Q1.
Attacks on Cryptocurrency startups continue to grow, as vulnerable exchange services and wallets give actors easy access to instant cash. Cryptocurrency businesses on social media are being targeted 13% more than last quarter.
Social media is quickly emerging as a top threat vector. Threats targeting enterprises have grown 47%, and use tactics such as impersonation, fraud, and other cyber threats to execute attacks. Multiple industries have experienced a significant jump in threat activity, with Payment Services (561%) and Healthcare (187%) representing the greatest increase.
To learn more, check out the Quarterly Threat Trends & Intelligence Report.