Facebook emerging as major target for phishing attacks


Facebook's massive worldwide popularity has seen it emerge as the fourth most common target for phishing attacks.

Kaspersky Labs' latest quarterly spam report reveals that while payment site PayPal remains the most popular subject for spam and phishing scams, Facebook has risen dramatically to levels never before seen from a social networking site.

According to Kaspersky, more than one in two phishing scams (52 per cent) is focused on PayPal, followed by eBay (13.3 per cent) and HSBC (7.8 per cent). However, Facebook has now risen to a clear fourth place, with 5.7 per cent of all phishing attacks masquerading as being from the social network.

"This was the first time since we started monitoring that attacks on a social-networking site have been so prolific," said the report's authors.

"Having stolen users' accounts, the fraudsters can then use them to distribute spam, sending bulk emails to the account owners and their friends in the network. This method of distributing spam allows huge audiences to be reached," it added.

"Additionally, it lets the fraudsters take advantage of the social networking sites' additional options, like being able to send different requests, links to photos and invitations, all with the advertisement attached, both within the network and to users' inboxes."

There was one anomaly, however: while on average phishing emails made up 0.57 per cent of all mail traffic in the first three months of the year, the figures for January and February were above 0.8 per cent, before a dramatic drop to just 0.03 per cent in March. "It's not easy to explain this fact, but we will watch how the situation develops," the report said.

When it comes to spam, the report suggested that junk emails may now have reached saturation point, with spam messages accounting for 85.2 per cent of all emails sent between January and March largely unchanged on the previous quarter. Phishing emails made up 0.57 per cent of the total volume of mail traffic.

As for the origins of spam messages, the picture remains largely unchanged. The US continues to be the leading source (16 per cent) of spam, followed by India (seven per cent) and Russia (six per cent). The latter continues to rise in. The UK is responsible for two per cent of spam, as is China, with the recent tightening of domain registration rules in the latter having clearly had an effect.