Banks were targeted on social media more in Q2, after the largest spike in activity since 2021, according to Fortra’s PhishLabs. While cybercriminal focus on financial institutions remains high, the average number of social media attacks per business, per month in 2023 is trending lower than in 2022. In Q2 specifically, businesses experienced nearly 18 fewer attacks on social channels on average than this time last year. So far, the largest gap in incidents year-over-year was during the month of April. Volume peaked during that time in 2022, but in 2023 it is so far the lowest point of average number of attacks.
Despite the decline, 2023 social media attack volume is still consistent with 2022 and well above the average number of attacks in 2021. Social media has emerged as a preferred channel for cybercriminals to target businesses indiscriminately, with abuse occurring in the form of advertisements, illegitimate business pages, and phony executive profiles. The rapid nature of communication via these channels, in addition to the ease of account creation makes brand abuse and impersonation a light lift for cybercriminals looking to perform nefarious activity.
PhishLabs analyzes hundreds of thousands of social media attacks every quarter to identify the top threats targeting enterprises, their brands, and their employees. In this post, we take a look at the top confirmed threats detected on social media and industries most prone to attack.
Top Social Media Threats
In Q2, cyber threats and impersonation were nearly tied as the top threat type on social media. Cyber threats were most observed, with 34.5% of overall attacks targeting businesses taking the form of telephone support scams, giveaway scams, employment scams, and more. This is the second consecutive quarter cyber threats has won the majority of threat volume.
Impersonation attacks increased nearly 8% quarter over quarter, making up 34% of total volume. Impersonation is widely applied to attacks on social media, where a logo, catchphrase, or well-known name can give victims the false reassurance that they are interacting with a legitimate brand or individual.
Fraud and counterfeit swapped positions in Q2, with both threat types seeing declines. Fraud was the third most observed threat type, despite attacks dropping 1.0%. Fraud made up nearly 16% of overall volume. Counterfeit attacks dropped from the third to the fourth spot in Q2 after decreasing more than 8%. Counterfeit made up 13.9% of volume.
Physical threats and data leaks made up 0.9% and 0.7%, respectively.
National banks were the most targeted industry on social media, making up nearly 40% of total attacks. Banks are consistently the most abused industry on social channels and have been the top focus of cybercriminals for seven consecutive quarters. In Q2, attacks on national banks grew more than 6% in share, the largest increase in attacks since 2021.
The retail industry was abused 7.2% less in Q2, with 17.2% of overall attack volume. This decline directly correlates to the decrease in counterfeit attacks, which make up the majority of all retail incidents. Despite the drop, retail remained in the second spot.
Attacks on cryptocurrency increased, with 15.4% of all attack volume targeting this industry. This is the greatest volume of attacks targeting crypto since PhishLabs has reported on this dataset.
Other industries targeted on social media:
- Financial services 9.7% (+0.4%)
- Dating 2.9% (-0.6%)
- Print & digital media 2.9% (+2.9%)
Social platforms continue to prove an ideal space for abusive content with cybercriminals using stolen messaging and images to target vulnerable organizations. In Q2, cyber threats and impersonation were the top threat types to businesses, making up nearly 70% of attack volume. Banks continued to be the most targeted industry, while cryptocurrency was victim to the highest share of attack volume since reporting on the dataset, nearly overtaking the second most targeted industry, retail. Because of the extensive reach and rapid creation of ads, profiles, and pages, malicious activity targeting organizations can occur without the knowledge of the victim unless measures are taken to constantly monitor relevant social channels.
Learn how PhishLabs protects against threats on social media.
