Social Media Threats for Payment Services Jump Over 550% in Q2 2021

According to data presented by Atlas VPN, social media attacks on payment services increased by 561.8%, comparing 2021 Q1 to 2021 Q2. Social media platforms have many weak points that allow threat actors to carry out various types of internet crime.

In the second quarter of the year, the most popular internet crimes were fraud, impersonation, cyber threats, and data leaks. The data is supplied by PhisLabs, where researchers analyzed hundreds of thousands of phishing and social media attacks targeting enterprises, their employees, and their brands.

While attacks on payment services increased the most, other industries also experienced a significant increase in threats. In the second quarter of 2021, fraudsters targeted payment services drastically more often compared to the first quarter of 2021 as the volume of unique threats skyrocketed by 561.8% in Q2. However, some markets saw the opposite happen – a decrease in threats in the second quarter of 2021.

Hospitals and healthcare enterprises also saw a massive jump in attacks. Attacks on healthcare companies increased by 187.8%. Hackers also carried out significantly more attacks on businesses in the broadcast media industry, with a steep surge of 112.5%.

Finally, markets experiencing an upshift of attacks include cryptocurrency services and credit unions, where threats grew 13% and 4.9%, respectively.

On the other hand, some industries experienced fewer attacks in Q2 than they did in Q1.

Enterprises providing dating-related services (-52.3%), computer software (-49.2%),  telecommunications (-23.5%), e-commerce (-19.7%), and banking (-10.2) all noticed a decline in the amount of threats.

Overall, social media attacks targeting enterprises are up 47%.

In January, businesses saw an average of 33.6 social media attacks per month. Five months later, in June, the average volume of attacks per enterprise reached 49.6, representing a 47% growth.

Fraud looms on social media

As mentioned previously, individuals and brands encounter various types of threats on social media. Here, we will analyze the most prominent attack types in 2021 Q2.

Fraud is by far the most common type of internet crime that plagued businesses. Nearly half of the threats encountered (45.6%), fall under the fraud category. Compared to Q1, fraud threats escalated by 23.7%.

Fraud refers to a type of internet crime intended to deceive a victim or offer illicit gain to the threat actor, such as the unauthorized selling of account credentials or exposing banking information.

Brand and employee impersonations were the second most common threats encountered by businesses, making up 21.8% of all threats. Most impersonators spoof a corporate brand, CEO, or employee with the objective of swaying victims into taking a specific action. Usually, the final goal of the fraudster is to obtain sensitive information or to convince the victim to transfer money.

Cyber attacks, mainly in the form of hacking attempts, comprised 19.1% of all social media threats to enterprises globally.  Data leaks also make the top five list, comprising 13.2% of the total volume of threats.

The analysis also reveals that brands and employees receive a number of physical threats, but they represent a relatively small percentage of the total, at only 0.3%.

While there are countless attack vectors, social media has not been at the forefront for most threat actors. Yet, we see a different trend in the first half of 2021 – cybercriminals increasingly use impersonation, fraud, and other cyber threats to attack businesses on social media.