More than three-quarters of social media attacks were executed by automated bots, and login attacks were twice as more likely to be attacked than account registrations, according to an Arkose Labs report.
Social media platforms are now major targets for criminals looking to make a quick hit, according Arkose Labs' Q3 Fraud and Abuse report released on Monday. The report found that more than half (53%) of social media login traffic is fraudulent, and 25% of all new account applications on social media are fraud.
The report was based on 1.2 billion user transactions including account registrations, logins and payments from financial services, e-commerce, travel, social media, gaming, and entertainment. Upon analyzing these sessions, as well as attack patterns, from April to June 2019, the report determined how severe of a threat vector social media sites have become.
SEE: Fighting social media phishing attacks: 10 tips (free PDF) (TechRepublic)
By 2021, cybercrime is projected to cost the global economy more than $6 trillion in damages, which supersedes the annual costs of natural disasters and the global drug trade.
"We are in an era where online identity, intent, business, metrics and content can all be faked. This can have serious security and ﬁnancial repercussions for any business with an online presence, especially as they try to balance risk management with the delivery of exceptional customer experience," Kevin Gosschalk, CEO of Arkose Labs, said in a press release. "Meanwhile, the risk landscape is quickly becoming increasingly complex because fraudsters have easy access to sophisticated tools and resources. This means that they can tweak their attack patterns as long they remain profitable."
Social media is crucial for businesses trying to reach large audiences, but this digital growth brings for avenues for cyberattacks. More than 75% of social media attacks are conducted by automated bots, the report found, with login attacks twice as more likely to be attacked than account registrations.
Fraudsters using large-scale bots attacks hope to steal information, spread spam, distribute social media propaganda, and launch social engineering campaigns, Gosschalk said in the release.
For more, check out How to protect yourself and your organization against digital identity fraud on TechRepublic.
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Mastermind con man behind Catch Me If You Can talks cybersecurity (TechRepublic download)
- Windows 10 security: A guide for business leaders (TechRepublic Premium)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- The best password managers of 2019 (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)