Cybercriminals love to exploit trends, and they’re always on top of where potential victims are going and what they’re doing online. A major trend in the last decade has been toward increased social media usage for people and organizations. It’s no longer just a medium for sharing cat pictures or talking to a college buddy. Social media is another place where business gets done. Worldwide the number of social media users was about 4.5 billion in 2021 – and cybercriminals would love to reach every single one of them.

Advertisers also want to get their messages in front of potential customers, and they know that those customers are on social media. That’s why organizations in every sector from retailers to non-profits are investing in social media ads and working with influencers to develop their channels. An estimated 96% of SMBs use social media as part of their marketing strategy. It’s been an especially important way for brands to reach potential customers during the global pandemic, both consumers and businesses. With lockdowns and travel restrictions impacting in-person sales and industry conventions, companies have been leveraging social media more as a way to connect with other companies for new business opportunities, stay in touch with partners and keep an eye on the competition.

But the faceless nature of social media also makes it ripe for fraud. An ideal stage for brand impersonation, social media has increasingly become a platform for business communication of all kinds, especially as people increasingly choose chat as a substitute for customer service by phone. That opportunity for communication allows bad actors to snag victims through phishing. In January 2021, organizations experienced about 34 social-media-related phishing attacks per month. However, in June this number rose closer to 50, representing a 47 percent increase through the first half of 2021. By September 2021, organizations were looking at more like 61 social-media-related phishing attacks per month – a shocking 82% increase in just three quarters.

Social media phishing is an avenue for trouble, just like email phishing, with two major consequences for businesses.

Misrepresentation of a Business Harms Is A BEC Risk That Reputation & Relationships

Stealing a company’s brand reputation is just like stealing its identity. Companies spend time and money building their brands and part of those efforts are spent establishing themselves as a trustworthy, upright organization that is both a good business partner and a quality company for customers to patronize. But cybercriminals love to profit from other people’s hard work. One way that they can capitalize on a company’s stellar brand reputation in the business world is to fraudulently contact companies that the brand does business with or companies that are a logical partnership fit using fake social media accounts. Bad actors can use this method to gather information, obtain credentials, and more that enable them to launch business email compromise schemes without ever sending an email.

When bad actors use a brand in business email compromise schemes or for phishing on social media, the company’s good reputation is usually damaged, undoing some of the hard work and investment that the company has done to establish it. 69% of marketers use social media to build brand awareness and that works for good and bad publicity. It’s damage that sticks around too, as negative sentiment is hard to eradicate from a company’s online reputation. Potential clients and partners that research a brand will see the fallout of scams using that brand for a long time online. In a GlobalWebIndex report, about half of people in every age group used social media to research brands before making a purchasing decision.

Retailers are often especially plagued by social media phishing. Luxury retail brands are constantly battling misrepresentation on social media, and cybercriminals use those brands to fleece and phish unsuspecting victims every day. The number of domains suspected of some degree of brand impersonation has risen by more than 360% since 2020. Cybercriminals are making an effort to quickly shift their operations to the current hot social media platform. Right now, that means they’re putting time and effort into defrauding TikTok users. Big-name retail brands like Gucci, Rolex, and Louis Vuitton were among those most heavily targeted by counterfeiters on TikTok in 2021.

Most Counterfeited Luxury Brands on TikTok 

In views of hashtagged brand misrepresentation posts

1. Gucci 13.6 million
2. Rolex 11.7 million
3. Louis Vuitton  2.08 million
4. Dior 282,700
5. Chanel  163,181

Source: ID Agent