Facebook dominated attempts to phish unsuspecting netizens in the first quarter of the year, accounting for 60% of all social network phishing attacks during the period, according to Kaspersky Lab.
The Russian AV vendor claimed in its Spam and phishing in Q1 2018 report to have blocked 3.6 million attempts to visit fraudulent social media pages.
Following Facebook, Russian social platform VK (21%), and LinkedIn (13%) were most commonly spoofed — with victims tricked into handing over names, log-ins, and even credit card numbers.
The reasons are pretty straightforward: cyber-criminals follow the money, and with over two billion active monthly users, there’s more opportunity to generate revenue by spoofing one the world’s most popular social networks.
Overall, the main targets for phishers remain internet portals, banks, online stores and payment services, with financial phishing the most popular (44%) type, according to the report.
Crypto-currency ICOs also represent a potentially lucrative event for cyber-criminals to leverage.
Around £26,000 was stolen through a phishing site claiming to offer investment opportunities for a rumored Telegram ICO, while £62,000 was stolen from victims via a single phishing email linked to the launch of “The Bee Token” ICO, Kaspersky Lab claimed.
The vendor also warned users of an increase in fake GDPR privacy notices, which require users to fill in their details in order to ‘access’ their accounts.
“We urge users to pay close attention to the new regulation and carefully study any notifications related to it,” it added. “Links should be checked before clicking: they should not contain redirects to third-party sites or domains unrelated to the service on whose behalf the message was sent.”
Germany was the number one target of malicious emails (15%) followed by Russia (6%) and the UK (5%).
However, the country with the largest percentage of users affected by phishing attacks in Q1 2018 was Brazil (19%).