cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Cyber criminals bolstering phishing campaigns with spoof social media sites

Norton Labs has found nearly three-quarters of phishing sites imitating Facebook following a year-long analysis.

user iconReporter
Mon, 15 Aug 2022
Cyber criminals bolstering phishing campaigns with spoof social media sites
expand image

NortonLifeLock’s global research team has leveraged the company's global cyber threat telemetry and the analysis includes new findings on how cyber criminals are using social media phishing attacks to steal people's private information.

"Threat actors use social media for phishing attacks because it's a low-effort and high return way to target billions of people around the world,” said Mark Gorrie, APAC senior director, NortonLifeLock.

"As social media is intertwined in our daily lives, it’s key to know how to spot the signs of a scam and keep a sharp eye on where requests for your information are coming from. Even better, consider strong, multi-layered security that can be on the lookout for you, too," Gorrie said.


Norton Labs analysed a full year of phishing attacks on the top social media platforms and published the results in their quarterly Consumer Cyber Safety Pulse Report which details the top consumer cyber security insights and takeaways. While plenty of fake login pages designed to trick victims into inputting their login credentials were found, the diversity and complexity of lures went far beyond that one technique.

The Norton researchers uncovered the top tactics cyber criminals use to get victims to reveal personal information, and while classic login phishing pages are still the most common ploy, cyber criminals are finding new ways to deceive social media users.

Tactics include account lockouts – making it seem that a victim's account has been locked due to "copyright violations"; follower generator services luring victims to reveal login credentials or install malware on the promise of increasing follow count; and verified badge scams prompting users to login to obtain, or not to lose, their verified status on the platform.

From April to June 2022, Norton thwarted over 900 million threats, or around 10 million threats per day globally. In Australia, Norton blocked in total 32,660,129 threats, equating to an average of 358,902.52 blocks per day.

Additionally, the Norton researchers found that over the recent three-month period, there were:

  • 22.6 million phishing attempts globally, with 986,492 in Australia;
  • 103.7 million file threats globally, with 1,570,841 in Australia;
  • 41,029 tech support threats blocked in Australia; and
  • 302,000 mobile threats and 78,000 ransomware attacks globally.

Another phishing campaign tactic aims to intercept temporary codes, designed to break into profiles with two-factor authentication enabled. These tokens are generally tied to the victim's device and allow the scammer to perform privileged operations, such as modifying personal details or login credentials.

[Related: Hacker linked to Lapsus$ gang hits Cisco with cyber attack]

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.