Social Media Attacks Doubled Since 2021

Social media attacks have doubled since 2021. That shows the latest Quarterly Threat Trends & Intelligence Report from PhishLabs by HelpSystems, a provider of digital risk protection solutions.

In addition, email-triggered hybrid vishing (voice phishing) attacks have more than quintupled and overall phishing volume is up 28 percent year-over-year. During the fourth quarter and throughout 2021, PhishLabs analyzed hundreds of thousands of phishing and social media attacks worldwide targeting brands, businesses and their employees. As the study shows, the number of social media attacks has increased by 103 percent since January 2021. Back then, organizations were experiencing an average of over 33 attacks per month, a little over one attack per day. In December, organizations experienced an average of over 68 attacks per month, which is more than two per day.

Image source: Phishlabs by HelpSystems

Other important findings of the report:

    • Email-triggered hybrid vishing (voice phishing) attacks increased by 554 percent from Q1 to Q4.
    • Phishing volume is up 28 percent year over year, with half of all phishing pages observed in Q4 being created by attackers using a free tool or service.
    • Malware distributed via email nearly tripled in Q4, driven by renewed Qbot and ZLoader attacks.
    • In the fourth quarter, 70 percent of stolen data was offered via chat-based services and carding exchanges.
    • The percentage of attacks targeting financial institutions rose from 33.8 percent in the first quarter to 61.3 percent of all monitored phishing sites in the fourth quarter.

      Image source: Phishlabs by Helpsystems

“2021 was another record-breaking year for social media as a channel of attack. The attackers use social media, impersonating brands and executives, resulting in numerous cyber threats. This forces security teams to monitor many platforms for malicious activity,” said John LaCour, HelpSystems chief strategist. “Financial institutions have been hit the hardest as their services are widely used across many business sectors. In order to minimize cyber risks comprehensively and at an early stage, companies must therefore expand their defense strategy in 2022. This starts with strong cross-channel monitoring and includes working with service providers in the area of ​​new technologies.”