Report: 53% of social media logins are fraud
Cyber Security

Report: 53% of social media logins are fraud

More than half of social media logins are fraudulent, according to a new report.

Specifically, 53% of social media logins are fraudulent, and 25% of all new account applications on social media are also coming from scammers, according to the Arkose Labs Q3 Fraud and Abuse report.

Of course, there are plenty of good reasons to care about the fakery that saturates social media, given that the fraudulent activity is focused on stealing data and squeezing us all for money. Large-scale bots are behind most of these transactions, launching attacks on social media platforms with the goal of “disseminating spam, stealing information, spreading social propaganda and executing social engineering campaigns targeting trusting consumers,” according to a media release from Arkose.

Arkose looked at fraud across the internet, but with specific regards to social media fraud, the activity took on a host of different forms: account hijackings, fraudulent account creation, and spam and abuse were among them. It found that more than 75% of attacks on social media are coming from automated bots.

Social media was distinct among the industries Arkose analyzed: account hijackings were more common, with logins twice as likely to be attacked than account registrations, the report found. Arkose says that the account takeovers are being done by attackers looking to harvest valuable personal data from the accounts of legitimate users.

We’ve often written about how these account takeovers manifest and what they’re after: In November 2018, for example, Facebook said that the US Department of Justice (DOJ) had recently discovered an alleged IS supporter warning others that it’s gotten tougher to push propaganda on the platform, and thus was suggesting that fellow propagandists try to take over legitimate social media accounts that had been hijacked: to act like wolves pulling on sheepskins in order to escape from Facebook’s notice, as it were.

Profit is another big motivator: We’ve seen valuable Instagram accounts held for ransom and virtual loot worth real money that was motivating attackers to hijack 77,000 Steam accounts a month, for example.

Arkose CEO Kevin Gosschalk, from the press release:

The extremely high attack rate on social-media logins is indicative of the value placed on the data fraudsters extract from compromised social accounts. Because more than 50% of social media logins are fraud, we know that fraudsters are using large-scale bots to launch attacks on social-media platforms with the goal of disseminating spam, stealing information, spreading social propaganda and executing social-engineering campaigns targeting trusting consumers.

Using bots to launch the attacks makes economic sense, Arkose says. It saves crooks the money they’d otherwise have to spend on wages.

You might also like

Fake ChatGPT Chrome Extension Steals Facebook Logins

Samsung Galaxy Store App Found Vulnerable To Fraudulent Web

Microsoft release final report on ‘SolarWinds Cyberattack’

US court sentence Ukrainian for online money laundering

Comments are closed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. AcceptRead More