Every quarter, Fortra analyzes thousands of social media incidents to identify the top threats and trends plaguing organizations, their brands, and employees. Social media is a highly attractive environment to cyber attackers due to the large user base, constant flow of information, and the shift of younger generations relying more on social platforms for information instead of web searches. This blog will offer insights into the most targeted social media platforms by threat actors, and an overview of the threat landscape in each of those platforms.
Top 5 Most Targeted Platforms
In Q3, threat actors overwhelmingly targeted X, previously known as Twitter, with 68% of all social media attacks targeting this platform. Facebook was also a popular choice among attackers, contributing to 22% of the overall attack volume. Telegram accounted for a relatively small 8% of the total attack volume. However, Telegram stands out as the most targeted platform specifically designed for direct messaging. Unlike other social media platforms in this analysis, which offer messaging as a secondary feature alongside other functionalities, Telegram’s sole purpose is direct communication and messaging. This can further increase the platform’s visibility as a prime target to attackers, as Telegram can create a direct communication channel for threat actors to social engineer their victims. YouTube and Instagram were the least targeted platforms, respectively making up 1.6% and 0.4% of all social media attacks in Q3.
X Threat Types
Fraud, such as the exposure of banking details and banking fraud, was the most encountered threat by social media users on X. With Fraud accounting for 71.4% of all threats observed, approximately seven in ten X users are likely to encounter a Fraud threat on this platform. Cyber Threats were the second most popular threat type on this platform, with approximately one third of all attacks falling under this category. Fortra defines a Cyber Threat as an incident that includes an intentional cyber risk to the targeted victim, such as hacking attempts. Impersonation threats, such as threats with the purposeful intent to spoof a corporate brand, executive, or employee, were not highly exploited by threat actors on X as it made up less than 1% of incidents in Q3.
Facebook Threat Types
Counterfeit attacks, such as incidents that create or distribute fake versions of products, websites, items, software, and other digital assets, earned their place as Facebook’s most popular threat type. For a threat that accounts for 41% of the total attack volume, Counterfeits are encountered roughly two out of every five times a threat occurred on Facebook in Q3. Fraud, in contrast to being the top threat on X, was the second most popular threat type on this platform. Following in third place, Cyber Threat contributed to 21% of all observed attacks. Impersonation attacks represented only a small fraction of 3.4% of the overall attack volume, indicating that impersonation was a less favored attack tactic among Facebook adversaries in Q3.
Telegram Threat Types
Users on Telegram faced a roughly even split between Impersonation and Fraud threats. Impersonation took the lead, accounting for a significant 57.6% of the threat volume, while Fraud followed closely behind with 40.7%. A smaller portion of Telegram attacks, 2%, were attributed to Cyber Threat incidents which remain far less prevalent on Telegram compared to the top two threats.
YouTube Threat Types
YouTube is the first platform in this analysis where a Cyber Threat constitutes the majority of attacks, with threat actors choosing this threat type as their attack method of choice approximately half of the time on YouTube. Examples of cyber threats on this platform can include hijacked YouTube channels that attackers use to spread scams, and phishing sites aimed at harvesting the credentials of YouTubers. Impersonation threats were also widespread in YouTube’s threat landscape, making up 42% of all attacks, or roughly two out of every five attacks. In contrast to the previous platforms analyzed, Fraud was less prominent here, accounting for only 3.4% of YouTube’s threats in Q3. Data Leaks and Physical Threats rounded out the remaining categories. Fortra defines Data Leaks as any leak or unauthorized share of proprietary or sensitive data such as login credentials, corporate documents, or source code. Whereas Physical Threats typically refer to threats of harm, specifically directed toward an employee, a physical location, or an event.
Instagram Threat Types
Like YouTube, Cyber Threat emerged as the top threat faced by Instagram users, making up 45% of the total attacks observed in Q3. This highlights a consistent trend across both Instagram and YouTube, where Cyber Threats remain a favored tactic among social media attackers on these platforms. Instagram Cyber Threats can take the form of attempts to bypass the platform’s MFA, in-app scams, and phishing links that mine login credentials. Coming in second, Impersonation threats accounted for 37.7% of Instagram’s incidents, demonstrating the spread of Impersonation attacks despite being less popular than Cyber Threats. Although Cyber and Impersonation threats represent a large portion of Instagram’s threat landscape, Fraud and Counterfeit threats also contributed to the overall attack volume in Q3, with 15.6% and 1% respectively. While Fraud and Counterfeits represented smaller attack volumes, their presence does highlight the diverse range of tactics that social media attackers employ in their arsenal to attempt to breach Instagram’s defenses.
Threat actors are increasingly relying on social media channels to deploy a diverse array of cyber threats, tactics, and attacks. These attack campaigns range from attempts to scam clients with counterfeit products, impersonating an organization’s executive, and even conducting financial fraud. With the rise of generative AI, unsuspecting victims are consuming more malicious content that highly mimics and impersonates legitimate entities and brands across multiple social media platforms. Organizations should consider social media threats within their cybersecurity roadmaps in the approaching new year to fortify their defenses against this evolving threat landscape.
Discover how Fortra’s PhishLabs Social Media Protection can strengthen your defenses against these threats.