17 Social Media Phishing Statistics That Will Shock You in 2023

The internet has become a breeding ground for hackers and other types of cybercriminals. They carry out all kinds of cyber attacks, hoping to steal user and company data.

And believe it or not, phishing is one of their favorite methods.

Basically, scammers impersonate legitimate services and people, and trick victims into compromising their sensitive information. Social media phishing statistics show that platforms such as Facebook and LinkedIn are their preferred hunting grounds, together with email.

After all, that’s where they can easily get closer to their targets and start conversations.

Don’t think that’s the case?

Let’s look at the numbers that prove it.


Intimidating social media phishing statistics

Over the years, scammers have found numerous ways to include popular platforms into their strategies. Here are some of the most vital stats:

  • An ongoing Facebook phishing scam claimed over 10 million victims.
  • LinkedIn was involved in 52% of all phishing attacks in the first quarter of 2022.
  • Social media is the third most vulnerable industry to phishing attacks.
  • WhatsApp is targeted in almost 85% of phishing attacks through messaging apps.
  • The use of Telegram bots for phishing increased by 800% in 2022.

General social media phishing statistics

First, let’s look at how often cybercriminals use socials to carry out their schemes:

1. 12% of all phishing attacks happen through social media.


Email continues to be the number one attack vector. However, more and more scammers now use social media to run their campaigns (12%).

2. 12% of phishing URL clicks go through social media.

(University of Ottawa)

The University of Ottawa conducted a study that traced back over 7,000 malicious URLs. The results showed that 12% of clicks went through social media platforms. 

3. The number of phishing attacks on social media increased by 200% in 2018.


Malicious actors are increasingly phishing for user data on Facebook, LinkedIn, and similar platforms. Numbers from 2018 suggest a 200% rise in that year alone.

4. Impersonation scams account for 40.7% of all such schemes on social media.


The largest share of threats are cybercriminals pretending to be someone else. Impersonation scams make up nearly half of them.

5. About 19% of all social media accounts claiming to be top brands are fraudulent.


All of the world’s biggest brands now use social media to communicate with their customers. Naturally, scammers take advantage of this by creating fake accounts and luring people into revealing sensitive information. Luckily, most platforms have badges for legit pages.

6. Social media is the third most vulnerable industry to phishing attacks.


Hackers who rely on phishing target financial institutions 23% of the time. Web-based software services and webmail come in second with 17%. Finally, social media is in third place with 11%. The data is from Q3 2022.

In addition, healthcare businesses suffer the most costly attacks.

Facebook phishing statistics

According to social media phishing stats, Facebook is one of the most targeted platforms. And here’s why:

7. There were 4.5 million phishing attempts on Facebook between April and September 2020.


Facebook is by far the most popular social media platform among cybercriminals. What’s more, Whatsapp had 3.7 million phishing attempts and Amazon had 3.3 million in the same year.

8. The number of scammers impersonating Facebook increased by 175.8% in Q2 2019.


With over 2.5 billion users, Facebook is an ideal place for phishing attacks. The number of brand impersonations increased significantly in Q2 2019. Other platforms, such as Instagram and Twitter, also saw significant shifts at the same time.

9. An ongoing Facebook phishing scam claimed over 10 million victims.


Hackers used a fake Facebook login page to steal credentials from more than 10 million users so far. Additionally, the number of victims is increasing at a rapid pace. It grew from 2.7 million in 2021 to 8.5 million in 2022.

LinkedIn, Instagram, and Snapchat phishing statistics

Other popular platforms are also suitable targets rich with user data. Let’s zoom in on these social media phishing stats:

10. LinkedIn was involved in 52% of all phishing attacks in Q1 2022.

(Atlas VPN)

LinkedIn was a part of roughly half of all phishing scams globally in the first quarter of 2022. Moreover, DHL is now in second place with 14% of attacks.

11. LinkedIn “Profile Views,” “Add Me,” and “Security Update” account for 40% of subjects scammers use for email phishing attacks.


LinkedIn-related subjects dominate when it comes to harmful emails. “Your friend tagged you in photos on Facebook” is next with 13%.

12. An Instagram verification phishing scam in 2022 claimed 1,000 victims per day.

(The Record)

In 2022, hackers decided to use the Instagram profile verification process for stealing user data. Basically, they told the victims they’re eligible for a badge and asked for their login information. Soon after the campaign launched, it started claiming over 1,000 accounts per day.

13. A Snapchat phishing attack in 2018 exposed over 55,000 usernames and passwords.

(Marketing Dive)

In 2018, cybercriminals managed to trick over 55,000 users into revealing their sensitive information on Snapchat. They used a compromised account to share links to a page mimicking the platform’s login page. Later, they shared all of the data on one of their websites.

Messaging apps phishing statistics

Some hackers prefer to do their dirty work with the help of messaging platforms:

14. WhatsApp is targeted in almost 85% of phishing attacks through messaging apps.


A large majority of attacks via messaging apps take place on WhatsApp. Furthermore, Telegram is in distant second place with 5.7%, and Viber comes third with 4.9%.

15. The use of Telegram bots for phishing increased by 800% in 2022.

(SC Magazine)

Cybercriminals often use Telegram bots for credential phishing. Numbers have shown this activity increased by 800% last year. This means there are more bots reaching inboxes with malicious links than ever.

Social media business phishing statistics

It’s not uncommon for scammers to use these services to steal data from companies:

16. The number of phishing attacks on enterprises through social media increased by 103% in 2021.


According to PhishLabs, the attacks doubled in the first quarter of the year. All things considered, 2021 turned out to be a record-setting year for phishing through social media.

17. In Japan, 96% of organizations said they experienced a social media phishing attack in 2019.


More than nine-in-ten organizations in Japan reported these attacks in 2019. Half of them said this happened between one and ten times. Another 23% said they experienced up to 25 such attacks that year.

Wrap up

Most hackers still rely on emails to carry out their phishing attacks and steal data. However, these social media phishing statistics show that more of them are using platforms such as Facebook and LinkedIn.

With so many scams taking place, doing everything you can to stay safe is critical. 


  1. Statista
  2. PhishLabs
  3. University of Ottawa
  4. PhishLabs
  5. Tripwire
  6. Corrata
  7. Threatpost
  8. PhishLabs
  9. PIXM
  10. Atlas VPN
  11. KnowBe4
  12. The Record
  13. Marketing Dive
  14. SlashNext
  15. SC Magazine
  16. PhishLabs
  17. ProofPoint