The names of popular social networking sites are increasingly being used in phishing attacks, according to an annual Brandjacking report issued by MarkMonitor Inc.
Phishing attacks in 2009 using social network brands totaled 11,240, surging 376% from 2008. MarkMonitor, which sells brand abuse protection services, said that although the number of organizations being used in phishing attacks for the first time decreased in 2009, phishing attacks reached a new record high last year, increasing 62% from 2008, averaging about 600 phishing attacks per organization.
The San Francisco-based company monitors 30 major brand names and conducts a weekly sampling to look for scams that abuse their names in a variety of methods. The research involves searching through millions public domain records and spam messages over the course of the year.
In addition to abusing the brand names of social networks, attackers are also using the frameworks of social network platforms to spread unwanted links to spam and malicious content. The number of phishing attacks on social networking sites represented 2% of all phishing attacks in 2009, but MarkMonitor noted a sharp increase in attacks at the end of the year, from about 2,000 phishing attacks in the third quarter to nearly 6,000 phishing attacks in the fourth quarter.
Social networking security, phishing attacks:
Phishing attacks to remain a major problem, say security experts: The recent FBI raid halting an international phishing ring highlights the problem of eradicating phishers. Password management and two-factor authentication help reduce the risk.
Phishing websites, rogue antivirus skyrocket in 2009: An Antiphishing Working Group report found phishing websites reaching the second highest level ever recorded. Rogue antivirus is also fueling an increase in malware infections.
Despite the increase in attacks, social networks move relatively quickly to suspend hijacked accounts and filter out phishing traffic, said Fred Felman, chief marketing officer at MarkMonitor.
"Social networks aren't interested in users being confused because it harms the trust relationship they have built with them," Felman said. "It's clear that with social media, bad actors are spanked real hard and real quickly."
Facebook recently announced plans to increase user education and is working with security vendor, McAfee Inc. to provide discounted antivirus software to users. Twitter has also increased user awareness. Jake Brill, a project manager on Facebook's site integrity team, said in a recent interview that the social network uses both in-house and open source software to monitor accounts for suspicious activity.
Twitter is also taking steps. It recently announced a new phishing filter that will use on its back-end systems to scan and eradicate malicious links, known to spread rapidly on the microblogging site.
"Twitter users were being victimized by phishing scams spread primarily through links in direct messages," Del Harvey, director of Twitter's trust and safety team, said in a blog announcing the new service."By routing all links submitted to Twitter through this new service, we can detect, intercept, and prevent the spread of bad links across all of Twitter,"
Banks, credit card brands used in most phishing campaigns
The financial industry continues to pay the biggest toll, with banks and credit card companies being used in many phishing campaigns. MarkMonitor noted about 200,000 phishing attacks targeting payment services brands in 2009, an increase of 154% from 2008. Meanwhile, attacks targeting financial brands numbered about 225,000 2009, an increase of 36% over 2008.
"The number of viable targets were reduced in 2009 because of consolidation and bank failure but we saw a phishing industry capitalizing on the confusion of consumers," Felman said. "It was a good opportunity to capitalize on the flux and fear as part of the global financial crisis."
Felman said MarkMonitor's Brandjacking Index is also documenting the increasingly targeted nature of phishing attacks.
Cybersquatting most popular brand abuse technique
Cybersquatting, the act of purchasing a domain name similar to a major brand in an attempt to profit from the brand, is on the rise, MarkMonitor said. It is the most prevalent brand abuse technique, growing 8% from 2008.
Cybersquatters are also getting more clever at increasing their profits, Felman said. Some sites attempt to increase their search engine rankings, building a network of fake Web pages that make the sites appear to contain a higher amount of original content. Others use the major brands as keywords, only to sell completely unrelated items to people who may accidentally browse to their website. Many of the brands falling victim to this kind of abuse are in the travel, hospitality and consumer goods industry, Felman said.
"They often times put affiliate ads for a product they're abusing on their page in order to collect affiliate or advertising revenue," he said. "With relatively little resources they can drive a fair amount of traffic to their site."