After analysing a full year of phishing attacks on the top social media platforms, NortonLifeLock in a report said plenty of fake login pages were designed to trick victims into inputting their login credentials were found. Over three-quarters of these phishing sites imitated Facebook.
Norton Labs published its quarterly Consumer Cyber Safety Pulse Report. detailing the top consumer cybersecurity insights and takeaways from April through June 2022. “Threat actors use social media for phishing attacks because it’s a low-effort and high return way to target billions of people around the world,” said Darren Shou, head of technology, NortonLifeLock. “As social media is intertwined in our daily lives, it’s key to know how to spot the signs of a scam and keep a sharp eye on where requests for your information are coming from. Even better, consider strong, multi-layered security that can be on the lookout for you, too.”
The report says that cybercriminals are finding new ways to deceive social media users. Some of the popular tactics include account lockouts – making it seem that a victim’s account has been locked due to “copyright violations”; follower generator services – luring victims to reveal login credentials or install malware on the promise of increasing follow count; and verified badge scams – prompting users to log in to obtain, or not to lose, their verified status on the platform.
Another phishing campaign tactic aims to intercept temporary codes, to break into profiles with two-factor authentication enabled. These tokens are generally tied to the victim’s device and allow the scammer to perform privileged operations, such as modifying personal details or login credentials.
Meanwhile, from April to June 2022, Norton thwarted over 900 million threats or around 10 million threats per day globally. In India, Norton blocked a total of 15,955,446 threats, equating to an average of 175,334.57 blocks per day.