Kaspersky finds social networks, messengers and external cloud services are most often exploited by cyber-fraudsters

[news release] Kaspersky is revealing the web services that employees of small and medium businesses most frequently access while working are some of the most exploited by malefactors as they are used as a springboard for phishing. These services include YouTube, Facebook, Google services and WhatsApp. Further insights show that this list is not consistent with the services that employers tend to limit for use on corporate devices.

While organizations can have different priorities and permissions for what web services can be used by their employees, it is important for organizations to understand all of the relevant threats they could face and how they can infiltrate corporate endpoints. Once a web service becomes popular, it is likely that it will become a more attractive target amongst scammers.

For example, the TikTok app has gained enormous popularity over recent years. It appeared to be flooded with fake accounts and scammers who are gradually improving their skills as the service rises in popularity. Protection from such scams and phishing attempts is crucial to ensure both personal user accounts and corporate data and devices remain safe.

According to anonymized statistics of events captured in a Kaspersky product, voluntarily provided by its customers[1], the top five web services employees access more often from their corporate devices include a video sharing platform, a social network, a mail service and a messenger: YouTube, Facebook, Google Drive, Gmail and WhatsApp – all leading services in their respective segments.

Unfortunately, these same web services are also exploited for phishing and other malicious actions. Kaspersky analysis[2] revealed the top five applications where phishing attempts were found most often: Facebook (4.5m phishing attempts), WhatsApp (3.7m), Amazon (3.3m), Apple (3.1m) and Netflix (2.7m). Google’s offerings bundled together, including YouTube, Gmail and Google Drive, took sixth position with 1.5m phishing attempts. With the two lists sharing many of the services, these results only confirm the trend that popular applications have become valuable platforms for fraudsters’ malicious actions.

These statistics also highlight what web applications are most likely to be limited on organizations’ corporate devices. The top five most blocked applications only include social networks: Facebook, Twitter, Pinterest, Instagram and LinkedIn. These decisions can be made for a variety of reasons, such as complying with data regulations, or in line with specific organization requirements for social media use. And while it includes Facebook, which is actively exploited by scammers, it doesn’t include messengers, file sharing or mail services, likely because they are often used for working purposes as well as for personal needs.

Most used servicesMost commonly blocked servicesTop services, by phishing attempts
YouTubeFacebookFacebook
FacebookTwitterWhatsApp
Google DrivePinterestAmazon (all services)
GmailInstagramApple (all services, including iCloud)
WhatsAppLinkedInNetflix

We can’t imagine our daily lives, and work, without different web services, including social media, messenger apps and file sharing platforms. They allow us to communicate and share thoughts, ideas, images and inspiration – and this has become even more of a reality when the entire world has spent many months online this year,” said Tatyana Sidorina, security expert at Kaspersky. “However, it is important for any organization to understand where threats may come from and what technology and awareness measures are needed to prevent them. Businesses also need to provide their employees with comfortable use of services they require, so it is crucial to get the balance right. We at Kaspersky appreciate this and provide organizations with relevant protection tools and expertise.”

Kaspersky suggests that businesses should follow these steps to ensure their employees use web services safely and securely:

  • Show employees how to recognize fake or insecure websites and phishing messages. Encourage them to never enter their credentials before checking a website’s credibility, or open and download files from unknown senders.
  • Conduct basic security awareness training for your employees. This can be done online and should cover essential practices including those that protect against phishing, such as account and password management, email security, endpoint security and web browsing. Kaspersky Automated Security Awareness Platform provides such training in an easy and effective way.
  • Adopt a proven endpoint security product with web, network and mail threat protection.
  • It is also important to enhance IT managers’ expertise on relevant cyberthreats and how to prevent them. Kaspersky Endpoint Security Cloud now provides Cybersecurity for IT Online training that allows them to learn new skills on how to classify malware and how to recognize malicious and suspicious behavior in software. It is available as a beta version on the product management console.

About Kaspersky

Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com.

[1] According to anonymized statistics of events detected by Kaspersky Endpoint Security Cloud during beta testing. The statistics consist of depersonalized metadata voluntarily provided by Kaspersky customers.

https://usa.kaspersky.com/about/press-releases/2020_kaspersky-research-finds-social-networks-messengers-and-external-cloud-services-are-most-often-exploited-by-cyber-fraudsters

Leave a Reply

Your email address will not be published. Required fields are marked *