Of 4,840 social media accounts associated with 10 top brands, 19% were fraudulent. Because of its massive user base and increased corporate spending, social media is now an attractive cybercriminal target.
Sunnyvale, Calif.-based security firm Proofpoint's latest quarterly threat summary Q2 Social Media Brand Fraud investigated how this business risk is evolving. The threat team examined Facebook, Twitter, YouTube, and Instagram from April through June 2016 for branded accounts claiming to be associated with ten top global brands.
Researchers revealed, "Companies have embraced social media as an essential marketing communications tool. And they continue to build out their social presence. In fact, 38% of companies plan to spend more than 20% of their total ad budgets on social media channels." Organizations expect to spend $35.98 billion on social media advertising in 2017, up nearly 50% from 2015 totals, according to eMarketer.
This influx of money makes social media a lucrative and attractive target for cybercriminals. "The pool of potential victims is huge. The number of social media users is expected to grow from 2.04 billion worldwide in 2015 to 2.55 billion by 2018. That's about a third of Earth's population," the report maintained.
One of the most effective methods is fraudulent accounts. Scammers set up fake social media accounts to masquerade as corporate brands and defraud consumers. Through fraudulent accounts, criminals can swipe all kinds of personal information: banking account logins, credit cards, and even Social Security numbers.
The report revealed 4% of 10 top brand fraud accounts exist for one or more of the following: phishing for personally identifiable information, malware, protest, and satire. "While 4% may seem a small percentage, these accounts can be dangerous to customers and brand reputation," the study noted.
Proofpoint detected:
- Nearly 600 new fraudulent brand accounts each month.
- Thirty percent of the fraudulent brand account offered counterfeit products and services including the promise of free or discounted gifts or customer support/software updates.
- A 150% increase in social media phishing this year vs. the same period in 2015.
- Counterfeit and knockoff product offerings represent 11% of 10 top brand fraud accounts.
- Social media phishing is the fastest growing social media threat: a 150% increase this year vs. the same period in 2015.
Recently, Proofpoint observed an angler phishing attack targeting PayPal users. In early 2016, Proofpoint researchers identified this new form of social media-based phishing attack, which takes its name from the anglerfish, which uses a glowing lure to entice and attack smaller prey. In an angler phishing attack, a fake customer-support account promises to help customers, but instead attempts to steal credentials. "Social media angler phishers create fake customer support accounts that target customers of a wide variety of industries, but we have seen a majority of angler phish attacks focus on customer support accounts for financial services brands," Proofpoint said.
The good news, according to Proofpoint, is that organizations have tools and resources available to protect their social footprint from this social media risk. Our findings serve as an alert for organizations to take action and minimize the threats.
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Roy Urrico
Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).
