Phishing scams remain one of the most consequential cyberthreats to individuals and businesses alike. Phishing attacks reached an all-time high of 1,025,968 in the first three months of 2022, according to the Anti-Phishing Working Group.

Many of today’s phishing attacks are social engineering schemes written to emotionally manipulate their targets into handing over login credentials and personally identifiable information, or to prompt an action such as paying a fraudulent invoice. Because these messages carry no malicious payload, such as an attachment or a link, it is harder than ever for email security and anti-phishing tools to identify and block them.

While email remains the most common phishing channel, phishing campaigns are increasing on SMS and social media platforms. We recently wrote about a phishing scam in which cybercriminals set up Facebook Messenger chatbots to try to steal Facebook login credentials.

We look at a pair of phishing schemes targeting social media users, as well as a data breach affecting nearly 146,000 customers of a financial services company, in this week’s BlackCloak Thursday Threat Update.

Twitter and Discord users targeted in phishing schemes

What we know: A pair of phishing schemes have targeted users of Twitter and Discord. Both campaigns attempt to scare targets into handing over their login credentials. Twitter users receive a direct message claiming their account has been flagged for hate speech and are asked to log in to a malicious website posing as Twitter’s help center. Discord users have been receiving messages from friends and strangers accusing them of sending explicit photos, along with a link to a web page that asks them to log in by scanning a QR code; scanning it lets the attackers take over their account.

Recommendations: As we’ve said before, no reputable organization will ever ask you over email or direct message for your login credentials or personal information, or to send money. So if you have received, or receive in the future, a direct message claiming to be from Twitter, delete it immediately and report it as malicious. In the case of the Discord scam, the phishing message is filled with poor grammar, which is a hallmark of many phishing scams. Should you receive a questionable message on Discord in the future, contact the sender outside of Discord to verify that they actually sent it.

Aon data breach affects nearly 146K customers

What we know: The British multinational financial services company Aon disclosed that it had experienced a data breach affecting nearly 146,000 of its North American customers. Aon said cybercriminals breached its systems several times between December 29, 2020 and February 26, 2022. In its data breach notification letter, the company revealed that compromised personally identifiable information included Social Security numbers, driver’s license numbers and “in a small number of cases, benefits enrollment information.”

Recommendations: Anyone affected by the breach has been offered a 24-month membership with an identity protection firm. Those who received a data breach notification letter should monitor their accounts for fraudulent activity and consider placing a credit freeze and a fraud alert on their credit files as well.

Protect your email and social media from phishing attacks

Cybercriminals are increasingly targeting social media profiles to obtain personal information, even though email remains the preferred medium for phishing. Individual profiles often hold a great deal of personally identifiable information, so it is wise to take steps to keep your data safe on these platforms.

Here are some steps you can take to protect your social media accounts, and information on social media impersonation schemes. And if you are looking to take a break from social media, follow these directions to deactivate or delete your accounts on Facebook and Instagram.