Phishing in companies: 4,5 million registered attacks via Facebook. A Kaspersky analysis shows that social networks, messengers and external cloud services are used by both employees and cyber criminals.
Current Kaspersky research shows that employees of small and medium-sized businesses most frequently access YouTube, Facebook, Google services and WhatsApp during their working hours. Some of these services are used by cyber criminals to sniff out data.
Employees also access it in the company
Popular cloud services are popular with both employees and cyber criminals. The latter can use phishing as a gateway into the company. For example, the TikTok app has become increasingly popular in recent years and has therefore increasingly been inundated by fake accounts and fraudsters. Protecting against such scams and phishing attempts is critical to ensuring that both personal user accounts and corporate data and devices remain secure. As a result, many companies block such applications on company-owned devices. Usually these are only the relevant social networks such as Facebook, Twitter, Pinterest, Instagram and LinkedIn - and not messenger, file sharing or mail services; likely because they are widely used for both work and personal purposes.
Analysis of anonymized Kaspersky data shows, however, that it is YouTube, Facebook, Google Drive, Gmail and WhatsApp that are most frequently used by employees during their working hours and are consequently mainly exploited by cyber criminals for phishing and other harmful actions. Most of the phishing attempts concerned:
Number of phishing attempts per social media platform
- Facebook (4,5 million phishing attempts)
- WhatsApp (3,7 million)
- Amazon (3,3 million)
- Apple (3,1 million)
- Netflix (2,7 million)
- as well as offers from Google, including YouTube, Gmail and Google Drive (1,5 million phishing attempts).
"We can no longer imagine our daily life and work without various web services such as social media, messenger apps and file-sharing platforms," said Tatyana Sidorina, security expert at Kaspersky. “They allow us to communicate and share thoughts, ideas, images and inspiration. This became even more of a reality as the whole world spent many months almost entirely online this year. However, it is important for organizations to understand where threats are coming from and what technology and awareness measures are needed to counter them. Companies must enable their employees to conveniently use the services they need. Therefore, it is important to find a balance. At Kaspersky, we understand this and provide companies with relevant protection solutions and expertise.”
More on this at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/