Social Media Impersonation in Phishing: 2022's Latest Wave of Cybercrime

Cybercrimes have escalated significantly in the past couple of years owing to the mass adoption of online services. Threat actors have exhibited their affinity towards social media profiles and emails, targeting innocent people to scam them out of their finances and private data using phishing to sell on the dark web, to be spread and used in impersonation scams. As per recent reports, social media is the most recent category that cybercrime groups are exploiting for malicious purposes.

Summary of the report

The Brand Phishing Report of Q1 by Checkpoint Research has revealed the top social media brands imitated by cybercriminals. The report reached the verdict by analyzing the first three months of 2022, revealing social media giants such as LinkedIn, Whatsapp, and DHL as some of the most phished platforms.

Threat actors have turned their attention from tech giants and service providers to social media, using fake phishing emails appearing as official ones luring innocent users to steal their credentials. The report also revealed shipping as their second choice to intercept and exploit e-commerce by employing phishing emails combined with sophisticated malware that infects workstations.

Key Findings

Here are the key findings of the report:

LinkedIn is the most phished social media, with 52% of worldwide phishing attacks happening on the platform.
DHL is the second most phished platform, with 14% of worldwide phishing attacks.
Google, Microsoft, FedEx, Whatsapp, Amazon, Maersk, AliExpress, and Apple comprise the rest of the list of the top 10 phishing brands for 2022’s first quarter.

Before we look at how cybercriminals are employing phishing on these platforms, let us see what is phishing and how it can affect you.

What is Social Media Phishing and Impersonation?

Phishing is a cybercrime where malicious actors send genuine-looking but fake emails or social media messages, accompanied with links leading you to malicious websites, fake login pages, payment portals, magnetic downloads, etc. Cybercriminals usually impersonate top brands by crafting phishing emails to appear as if they are from genuine services. Phishing is designed to steal login credentials, payment, and private information and download malicious software, known as malware, to infect your devices.

How can phishing affect you?

Danger via Data: Login credentials or data stolen via phishing can be sold on the dark web to be used by cybercriminals to impersonate you online. In addition, compromised payment information can rob you of your finances and amass unknown debt online in your name.
Danger via Malware: Malware can download on your devices without your knowledge and transmit information online. Malware can also be used to gain entry to networks, disrupt device services, and lock devices.

Now that you know what phishing is and how it can harm you, let us see how cybercriminals are employing social media impersonation.

Latest LinkedIn Phishing Attack

The world’s current most impersonated social media, LinkedIn, is being imitated by cybercriminals to send phishing emails, including links to malicious login pages. The phishing emails contain the following sender’s email address, “LinkedIn (smtpfox-6qhrg@tavic[.]com[.]mx)”, cleverly crafted to make people believe the email is from the official platform.

Cybercriminals behind the email lead victims to a fake LinkedIn login page where users have to enter their username and password to gain entry. However, their login credentials would be stolen, providing cyber criminals access to their profiles, revealing their confidential data, private conversations, etc.

The report also revealed a peculiar phishing email incorporating malware.

Maersk Phishing and Malware Emails

Q1 of 2022 also saw the rise of cybercriminals impersonating the shipping giant Maersk. The phishing emails appeared to be sent by the following email, “Maersk Notification (service@maersk[.]com)”.

The phishing emails are highly detailed, providing an attached bill, and making users think they have bought some product. The email hints at the email’s subject as verification of the bill, including standard information such as Transport Document Number, Reference, Booking Number, Ports of Loading, Discharge, and Delivery, and additional consignment information. But the highlight of the Maersk impersonation phishing email is a malicious link crafted to download the Remote Access Trojan named Agent Tesla to the victim’s system. The malicious link downloads a “Transport-Document” in an excel file, keeping victims from discovering the malware.

Ways to Protect Against Social Media Impersonating and Phishing Scams

With such sophisticated phishing attacks in just three months, 2022 is looking to be a long year with major cybercrimes predicted to occur. However, users can easily protect themselves against the latest cybercrimes like social media impersonation and phishing by:

MFA: Enabling Multi-Factor Authentication can help prevent unauthorized logins by requiring additional verifications.
Updating Software: Keeping your device or system’s software secure with the latest updates can protect against cybersecurity threats.
Education: Educating yourself about the common phishing and impersonation tactics can help identify them. Phishing emails often impersonate trusted brands and may employ one of the following as the email subject:

- Suspicious Login Activity or Account Usage
- Updating of Payment Information
- Fake Invoices or Bills
- Tax Payments
- Government Refunds
- Free Redeemable Coupon links and more.
- In addition, phishing emails are easy to spot as they contain grammatical errors. If you look closely at a link in any phishing email, you will recognize it as fake as it contains gibberish.

4. Verification: If you are unsure about the email’s authenticity, you can also approach the customer service or legal office to confirm the email’s legitimacy and confirm payments or bills.

Final Words

2022 and the coming years are going to be tough to maintain cybersecurity. With emerging technologies transforming industries worldwide, there is going to be an increase in cybercriminals, who would want to leave no stone unturned to get access to your information assets somehow. These social media imitations scams are just one part of the more significant cybercrime scenario, which is why cybersecurity is a crucial practice that needs to be taken as a responsibility by individuals themselves and organizations at large to safeguard your online presence and keep malicious at bay.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Social Media Impersonation in Phishing: 2022’s Latest Wave of Cybercrime