At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Phishing Attacks Are Increasingly Targeting Social Media and Smartphone Users

    Threat actors are increasingly tailoring their attacks to target social media apps and smartphone users, according to a new report from the Anti-Phishing Working Group (APWG).

    As email security technologies improve, scammers are turning to social media apps, text messages, and voice calls to conduct social engineering attacks.

    Matthew Harris, Senior Product Manager, Fraud at OpSec, explained, “We have observed an increased share of fraud being targeted towards sites that do not require high security, such as social media sites like Facebook and LinkedIn, and SAAS and Webmail accounts such as Microsoft Outlook and Netflix.”

    The report also found that the volume of phishing attacks targeting bank accounts has fallen compared to last year, but these attacks have grown more sophisticated and targeted. Attackers need to put more effort into banking-focused attacks since these institutions typically have additional layers of security.

    “Banks require two-factor authentication for online banking, such as codes sent to the users’ mobile phones,” the report says. “Without those authentication codes, phishers can’t get into victims’ online financial accounts. So instead, fraudsters are using phone-based methods to phish bank and payment service users. These are more immediate contact methods, and allow the fraudster to talk victims out of their sensitive information.

    Phone-based fraud is initiated by different methods. One is voice phishing or vishing — where fraudsters call potential victims. Another is SMS-based phishing or smishing – in which fraudsters advertise the URLs of phishing sites within SMS (Short Message Service) and Internet-generated, phone-to-phone text messages.”

    The majority of scams in Q2 2024 involved gift card fraud or advance fee requests. APWG contributor Fortra found that the average amount of money requested in business email compromise (BEC) attacks rose by 6.5% last quarter to reach $89,520. 

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

    The APWG has the story.

    Find out which of your users’ emails are exposed before bad actors do.

    Many of the email addresses and identities of your organization are exposed on the internet and easy to find for cybercriminals. With that email attack surface, they can launch social engineering, spear phishing and ransomware attacks on your organization. KnowBe4’s Email Exposure Check Pro (EEC) identifies the at-risk users in your organization by crawling business social media information and now thousands of breach databases.

    Here’s how it works:

    • The first stage does deep web searches to find any publicly available organizational data
    • The second stage finds any users that have had their account information exposed in any of several thousand breaches
    • You will get a summary report PDF as well as a link to the full detailed report
    • Results in minutes!
    Get You EEC Report!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser:https://info.knowbe4.com/email-exposure-check-pro-partner?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top