LinkedIn was the most targeted social media network for phishing attacks in Q1

A new study has shown a growing trend in which hackers impersonate popular social networking sites to obtain personal information or payment details from users via phishing attacks.

Check Point Research, the threat intelligence arm of Check Point Software Technologies and a provider of cybersecurity solutions, highlighted the brands most frequently imitated by cybercriminals in its Brand Phishing Report for the first quarter of This year.

LinkedIn rose to the top for the first time, accounting for 52% of all phishing attempts globally in January, February and March.

This is a significant jump of 44% from the previous quarter, when LinkedIn was ranked sixth and was only associated with 8% of phishing attempts.

The other most imitated companies are DHL (14%), which ranked first last quarter, Google (7%), Microsoft and FedEx (both at 6% each) and WhatsApp (4%). WhatsApp remains in the lead. 10, according to the research, and that the messaging app is responsible for nearly one in twenty phishing attacks worldwide.

If there was any doubt that social media would become one of the most targeted sectors by criminal groups, the first quarter dispelled those doubts, Check Point Research said, as social media overtook transportation companies and tech giants such as Google, Microsoft and Apple as the most targeted category.

The company said its findings are based on data obtained from Check Point ThreatCloud and its Cyber ​​Threat Map, which analyzes real-time cyberattacks around the world.

“These phishing attempts are attacks of opportunity, pure and simple.

“Criminal groups are orchestrating these large-scale phishing attempts, with the goal of tricking as many people as possible into parting with their personal data,” said Omer Dembinsky, head of data research group at Check Point Software. .

Typically, a hacker would attempt to steal user data by sending malicious emails using the brand name as the sender address, taking care to include things like the logo or color scheme. brand to make them appear authentic.

The report highlights an example where LinkedIn users were contacted via an official-looking email in an attempt to trick them into clicking on a malicious link.

Once there, users would be prompted to log in through a fake portal where their credentials would be collected, the company said, adding that the criminals would attempt to impersonate the official website using a similar domain and design. .

In another example, a hacker used Maersk’s branding and a spoofed email address to make it appear as if it was sent from “Maersk Notification”.

The user was prompted to download an Excel document containing the Trojan known as Agent Tesla, a type of malware capable of allowing access to a victim’s computer through a backdoor.

“Some attacks will try to gain ground on individuals or steal their information, like the ones we see with LinkedIn.

“Others will be attempts to deploy malware on corporate networks, such as the bogus emails containing fake carrier documents that we see with companies like Maersk,” Dembinsky said.

Shipping company brands like DHL and Maersk, he said, are being exploited by threat actors to target both businesses and consumers due to the growing popularity of e-commerce, and it is critical that staff learn to be more vigilant when it comes to recognizing phishing. diets.

“Employees in particular should be trained to spot suspicious anomalies such as misspelled domains, typos, incorrect dates and other details that could expose a malicious email or text message,” he said. said, urging LinkedIn users to be extra vigilant over the next few months.

Source link