Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

5/23/2018
06:45 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Facebook Sites Dominate Social Network Phishing in Q1 2018: Kaspersky Lab

The findings come from Kaspersky Lab's new 'Spam and Phishing in Q1 2018' report.

Woburn, MA – May 23, 2018 – In the first quarter of 2018, Kaspersky Lab’s anti-phishing technologies prevented more than 3.7 million attempts to visit fraudulent social network pages, of which 60 percent were fake Facebook pages, according to Kaspersky Lab’s ‘Spam and Phishing in Q1 2018’ report.

Social network phishing is a form of cybercrime that involves the theft of personal data from a victim’s social network account. The fraudster creates a copy of a social networking website (such as a fake Facebook page), and tries to lure unsuspecting victims to it, forcing them to give up their personal data – such as their name, password, credit card number, PIN code and more – in the process.

At the beginning of the year, Facebook was the most popular social networking brand for fraudsters to abuse, and Facebook pages were frequently faked by cybercriminals to try and steal personal data via phishing attacks. This is part of a long-term trend: in 2017, Facebook became one of the top three targets for phishing overall, at nearly 8 percent, followed by Microsoft Corporation (6 percent) and PayPal (5 percent). In Q1 2018, Facebook also led the social network phishing category, followed by VK, a Russian online social networking service, and LinkedIn. The reason for this is likely to be the 2.13 billion active monthly Facebook users worldwide, including those who log in to unknown apps using their Facebook credentials, thereby granting access to their accounts. This makes unwary Facebook users a profitable target for cybercriminal phishing attacks.

The distribution of different types of social network phishing detected by Kaspersky Lab in Q1 2018

These findings reinforce the fact that personal data is valuable in the world of information technology, both for legitimate organizations and attackers. Cybercriminals are constantly searching for new methods to attack users, so it’s important to be aware of fraudster techniques to avoid becoming the next target. For example, a recent trend is the increase of spam emails related to GDPR, Europe’s General Data Protection Regulation. Examples include offers of paid webinars to clarify the new legislation or invitations to install special software that provides access to online resources to ensure compliance with the new rules.

“The continuous increase in phishing attacks - targeting both social networks and financial organizations - shows us that users need to pay more serious attention to their online activities,” said Nadezhda Demidova, lead web content analyst, Kaspersky Lab. “Despite the recent global scandals, people continue to click on unsafe links and allow unknown apps to access their personal data. Due to this lack of user vigilance, the data on a huge number of accounts gets lost or extorted from users. This can then lead to destructive attacks and a constant flow of money for the cybercriminals.”

Kaspersky Lab experts advise users to take the following measures to protect themselves from phishing:

  • Always check the link address and the sender’s email before clicking anything. Don’t click the link, but type it into your browser’s address line instead.
  • Before clicking any link, check if the link address shown is the same as the actual hyperlink (the real address the link will take you to) – this can be checked by hovering your mouse over the link.
  • Only use a secure connection, especially when you visit sensitive websites. As a precaution, do not use unknown or public Wi-Fi without password protection. For maximum protection, use VPN solutions that encrypt your traffic. Remember: if you are using an insecure connection, cybercriminals can invisibly redirect you to phishing pages.
  • Check the HTTPS connection and domain name when you open a webpage. This is especially important when you are using websites which contain sensitive data, such as sites for online banking, shopping, email, social media sites, etc.
  • Never share your sensitive data, such as passwords, bank card data and more, with a third party. Official companies will never ask for this type of data via email.
  • Use a reliable security solution with behavior-based anti-phishing technologies, such as Kaspersky Total Security, to detect and block spam and phishing attacks.

 

Other key findings in the report include:

Phishing:

  • The main targets of phishing attacks have remained the same since the end of last year. They are primarily global Internet portals and the financial sector, including banks, payment services and online stores.
  • About $35,000 was stolen through one phishing site that appeared to offer the opportunity to invest in the rumored Telegram ICO. Approximately $84,000 was stolen following a single phishing email mailshot related to the launch of ‘The Bee Token’ ICO.
  • Financial phishing continues to account for almost half of all phishing attacks (43.9 percent), which is 4.4 percent more compared to the end of last year. Attacks against banks, e-shops and payment systems remain the top three targets, demonstrating cybercriminals’ desire to access users’ money.
  • Brazil was the country with the largest share of users attacked by phishers in the first quarter of 2018 (19 percent). It was followed by Argentina (13 percent), Venezuela (13 percent), Albania (13 percent) and Bolivia (12 percent).

Spam:

  • In the first quarter of 2018, the amount of spam peaked in January (55 percent). The average share of spam in the world’s email traffic was 52 percent, which is 4.6 percent lower than the average figure of the last quarter of 2017.
  • Vietnam became the most popular source of spam, overtaking the U.S. and China. Others in the top 10 included India, Germany, France, Brazil, Russia, Spain and the Islamic Republic of Iran.
  • The country most targeted by malicious mailshots was Germany. Russia came second, followed by United Kingdom, Italy and the UAE.

To learn more about spam and phishing in Q1 2018, read our blogpost on Securelist.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
How Security Vendors Can Address the Cybersecurity Talent Shortage
Rob Rashotte, VP of Global Training and Technical Field Enablement at Fortinet,  5/24/2019
TeamViewer Admits Breach from 2016
Dark Reading Staff 5/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7068
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7069
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7070
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7071
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2019-7072
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .