According to Vade Secure’s report, the number of phishing URLs related to Facebook grew by 358,8%, and WhatsApp, by 13467%.Vade Secure published a report on phishing threats in the fourth quarter of 2019. Researchers identified 25 brands that phishers most widely use, compiling this list by analyzing a variety of phishing URLs.
As a result, researchers put WhatsApp on the fifth place with 5,020 unique phishing URLs. This means that the messenger has risen from 63 to 5th place in the list of the most counterfeit brands that are used in phishing attacks, having shown rapid growth of 13467%.
“Digging into WhatsApp, the staggering growth in phishing URLs stems primarily from a campaign inviting recipients to the so-called Berbagi WhatsApp group, which advertises pornographic content. Moreover, it appears web hosting provider 000webhost was hacked and used to host the phishing pages”, — explain Vade Secure researchers.
The messenger having through hard times, only recently I reported that Dangerous vulnerabilities in WhatsApp allowed compromising millions of users.
Also in the top 25 of the most popular brands among phishers were Facebook, which occupied the second place in the top, and Instagram, which raised for 16 positions to 13 places. Phishers used Facebook as a decoy in 9,795 phishing URLs, and Instagram in 1401, which almost doubled during the previous quarter and showed an increase of 187,1%.
Although in the fourth quarter of 2019 the number of phishing attacks related to Facebook decreased by 18.7%, in the annual volume this indicator increased by 358.8%. It is worth noting that Facebook launched a new payments system in November called Facebook Pay. Available across Facebook, Messenger, Instagram, and WhatsApp, Facebook Pay enables users to send money to friends, purchase goods, or even donate to fundraisers.
“It will be interesting to see whether Facebook Pay drives further growth in phishing across Facebook’s brands, particularly if the size of the service’s user base reaches and exceeds PayPal’s”, — note Vade Secure researchers.
Additionally, the popularity of Facebook Login could become the reason for the popularity of social networks among phishers. So, having in their hands credentials from a Facebook account, phishers can see what other applications the user has logged in with social sign-on, and then compromise these accounts.
What is more, cybercriminals, instead of looking for financial returns from phishing on social networks, can collect credentials and then try to reuse passwords to crack other online services. Finally, a Google survey conducted in 2019 showed that two out of three people use the same password for multiple accounts.