The internet has become a breeding ground for hackers and other types of cybercriminals. They carry out all kinds of cyber attacks, hoping to steal user and company data.
And believe it or not, phishing is one of their favorite methods.
Basically, scammers impersonate legitimate services and people, and trick victims into compromising their sensitive information. Social media phishing statistics show that platforms such as Facebook and LinkedIn are their preferred hunting grounds, together with email.
After all, that’s where they can easily get closer to their targets and start conversations.
Don’t think that’s the case?
Let’s look at the numbers that prove it.
Over the years, scammers have found numerous ways to include popular platforms into their strategies. Here are some of the most vital stats:
- An ongoing Facebook phishing scam claimed over 10 million victims.
- LinkedIn was involved in 52% of all phishing attacks in the first quarter of 2022.
- Social media is the third most vulnerable industry to phishing attacks.
- WhatsApp is targeted in almost 85% of phishing attacks through messaging apps.
- The use of Telegram bots for phishing increased by 800% in 2022.
First, let’s look at how often cybercriminals use socials to carry out their schemes:
Email continues to be the number one attack vector. However, more and more scammers now use social media to run their campaigns (12%).
(University of Ottawa)
The University of Ottawa conducted a study that traced back over 7,000 malicious URLs. The results showed that 12% of clicks went through social media platforms.
Malicious actors are increasingly phishing for user data on Facebook, LinkedIn, and similar platforms. Numbers from 2018 suggest a 200% rise in that year alone.
The largest share of threats are cybercriminals pretending to be someone else. Impersonation scams make up nearly half of them.
All of the world’s biggest brands now use social media to communicate with their customers. Naturally, scammers take advantage of this by creating fake accounts and luring people into revealing sensitive information. Luckily, most platforms have badges for legit pages.
6. Social media is the third most vulnerable industry to phishing attacks.
Hackers who rely on phishing target financial institutions 23% of the time. Web-based software services and webmail come in second with 17%. Finally, social media is in third place with 11%. The data is from Q3 2022.
In addition, healthcare businesses suffer the most costly attacks.
Facebook phishing statistics
According to social media phishing stats, Facebook is one of the most targeted platforms. And here’s why:
7. There were 4.5 million phishing attempts on Facebook between April and September 2020.
Facebook is by far the most popular social media platform among cybercriminals. What’s more, Whatsapp had 3.7 million phishing attempts and Amazon had 3.3 million in the same year.
8. The number of scammers impersonating Facebook increased by 175.8% in Q2 2019.
With over 2.5 billion users, Facebook is an ideal place for phishing attacks. The number of brand impersonations increased significantly in Q2 2019. Other platforms, such as Instagram and Twitter, also saw significant shifts at the same time.
9. An ongoing Facebook phishing scam claimed over 10 million victims.
Hackers used a fake Facebook login page to steal credentials from more than 10 million users so far. Additionally, the number of victims is increasing at a rapid pace. It grew from 2.7 million in 2021 to 8.5 million in 2022.
LinkedIn, Instagram, and Snapchat phishing statistics
Other popular platforms are also suitable targets rich with user data. Let’s zoom in on these social media phishing stats:
10. LinkedIn was involved in 52% of all phishing attacks in Q1 2022.
LinkedIn was a part of roughly half of all phishing scams globally in the first quarter of 2022. Moreover, DHL is now in second place with 14% of attacks.
11. LinkedIn “Profile Views,” “Add Me,” and “Security Update” account for 40% of subjects scammers use for email phishing attacks.
LinkedIn-related subjects dominate when it comes to harmful emails. “Your friend tagged you in photos on Facebook” is next with 13%.
12. An Instagram verification phishing scam in 2022 claimed 1,000 victims per day.
In 2022, hackers decided to use the Instagram profile verification process for stealing user data. Basically, they told the victims they’re eligible for a badge and asked for their login information. Soon after the campaign launched, it started claiming over 1,000 accounts per day.
13. A Snapchat phishing attack in 2018 exposed over 55,000 usernames and passwords.
In 2018, cybercriminals managed to trick over 55,000 users into revealing their sensitive information on Snapchat. They used a compromised account to share links to a page mimicking the platform’s login page. Later, they shared all of the data on one of their websites.
Messaging apps phishing statistics
Some hackers prefer to do their dirty work with the help of messaging platforms:
14. WhatsApp is targeted in almost 85% of phishing attacks through messaging apps.
A large majority of attacks via messaging apps take place on WhatsApp. Furthermore, Telegram is in distant second place with 5.7%, and Viber comes third with 4.9%.
15. The use of Telegram bots for phishing increased by 800% in 2022.
Cybercriminals often use Telegram bots for credential phishing. Numbers have shown this activity increased by 800% last year. This means there are more bots reaching inboxes with malicious links than ever.
Social media business phishing statistics
It’s not uncommon for scammers to use these services to steal data from companies:
According to PhishLabs, the attacks doubled in the first quarter of the year. All things considered, 2021 turned out to be a record-setting year for phishing through social media.
More than nine-in-ten organizations in Japan reported these attacks in 2019. Half of them said this happened between one and ten times. Another 23% said they experienced up to 25 such attacks that year.
Most hackers still rely on emails to carry out their phishing attacks and steal data. However, these social media phishing statistics show that more of them are using platforms such as Facebook and LinkedIn.
With so many scams taking place, doing everything you can to stay safe is critical.
- University of Ottawa
- Atlas VPN
- The Record
- Marketing Dive
- SC Magazine