Risk actors are more and more tailoring their assaults to focus on social media apps and smartphone customers, in accordance with a brand new report from the Anti-Phishing Working Group (APWG).
As electronic mail safety applied sciences enhance, scammers are turning to social media apps, textual content messages, and voice calls to conduct social engineering assaults.
Matthew Harris, Senior Product Supervisor, Fraud at OpSec, defined, “Now we have noticed an elevated share of fraud being focused in direction of websites that don’t require excessive safety, equivalent to social media websites like Fb and LinkedIn, and SAAS and Webmail accounts equivalent to Microsoft Outlook and Netflix.”
The report additionally discovered that the amount of phishing assaults focusing on financial institution accounts has fallen in comparison with final yr, however these assaults have grown extra refined and focused. Attackers have to put extra effort into banking-focused assaults since these establishments usually have extra layers of safety.
“Banks require two-factor authentication for on-line banking, equivalent to codes despatched to the customers’ cellphones,” the report says. “With out these authentication codes, phishers can’t get into victims’ on-line monetary accounts. So as an alternative, fraudsters are utilizing phone-based strategies to phish financial institution and fee service customers. These are extra fast contact strategies, and permit the fraudster to speak victims out of their delicate data.
Telephone-based fraud is initiated by totally different strategies. One is voice phishing or vishing — the place fraudsters name potential victims. One other is SMS-based phishing or smishing – by which fraudsters promote the URLs of phishing websites inside SMS (Brief Message Service) and Web-generated, phone-to-phone textual content messages.”
Nearly all of scams in Q2 2024 concerned reward card fraud or advance price requests. APWG contributor Fortra discovered that the common sum of money requested in enterprise electronic mail compromise (BEC) assaults rose by 6.5% final quarter to achieve $89,520.
KnowBe4 empowers your workforce to make smarter safety choices on daily basis. Over 70,000 organizations worldwide belief the KnowBe4 platform to strengthen their safety tradition and scale back human danger.
The APWG has the story.