Social media attacks targeting businesses have jumped 12.2% in Q1 from the previous quarter, according to Fortra’s PhishLabs. Attacks on social channels are also trending higher than Q1 2022, with the average business experiencing more than 81 attacks per month. External platforms, such as social media, are widely used by cybercriminals to engage in fraud and distribute misinformation. Threatening material on social media is especially difficult to monitor for, as malicious content can be created and distributed quickly, without clear evidence of abuse.

PhishLabs analyzes hundreds of thousands of social media attacks every quarter to identify the top threats targeting enterprises, their brands, and their employees. In this post, we take a look at the top confirmed threats detected on social media and industries most prone to attack.

Top Social Media Threat Types

In Q1, Cyber Threats represented the majority of attack volume on social media, making up 33% of all malicious activity recorded. This is the first time since documenting this data point that Cyber Threats have led all other categories. Cyber Threats include giveaway scams, employment scams, videos containing fake or malicious content such as how to hack, and more.

Impersonation dropped from the top spot after a decline of more than 10% in activity. Impersonation of a brand, executive, or employee can cause significant damage to an organization on social media, as these channels are heavily relied on for insight into brand health and company culture. Impersonation attacks are convincing and can be quickly created using stolen intellectual property and messaging. The decline in this threat type may be attributed to a growing focus on addressing brand-related abuse by security teams. Increased visibility into malicious activity on social platforms, in addition to restrictions on how brand or executive-related social accounts should be used, are also likely contributors.

Counterfeit attacks were the third most documented threat type on social media, contributing to 22% of activity. Counterfeit jumped more than 10% in share over Q4. As retail presence and promotions have become commonplace on social channels, cybercriminals are engaging more than ever with victims via misleading ads and accounts. Counterfeit lures include fake sales or calls to action that will redirect victims to attacker-owned sites selling unauthorized products on the open web.

Top Targeted Industries on Social Media

National Banking Institutions were the top targeted industry in Q1, representing more than 33% of threats on social media. Attacks on the Financial Industry as a whole made up 62.9% of all malicious activity, and included Cryptocurrency, Other Financial Services (such as investment brokerages), and Payment Services.

Despite the historical focus on finance, attacks targeting Retail jumped 7% in Q1. More than 24% of malicious activity targeted the retail industry, minimizing the gap between the first and second place spots. This increase can be directly attributed to the bump in Counterfeit attacks and threat actor abuse of legitimate Retail branding and trademarks.

Cryptocurrency also moved up on attacker priority, becoming the third most attacked industry in Q1. Threats targeted Cryptocurrency in 14.7% of incidents.

Other Financial Services, Dating, and Payment Services rounded out the top six industries, despite each dropping in share of volume. Financial Services declined more than 5%, making up 9.29% of attack volume. Dating and Payment Services experienced 3.5% and 2.87% of attacks, respectively.

As attackers increasingly use social channels to target organizations, it is critical that security teams monitor for malicious activity on relevant platforms. On average, social media abuse is trending up per month, per business, with vulnerable industries and their customers finding themselves targeted with misleading accounts, advertisements, and posts. Retail brands specifically experienced a significant increase in attacks in Q1, with incidents jumping nearly 7%. The threat types most prevalent on social channels saw some variation over Q4, with Counterfeit attacks surging more than 10%. Likewise, Impersonation attacks dropped 10.15%.