WhatsApp Official Logo

WhatsApp phishing URLs grow by an astonishing 13,400%, ranking it the 5th most impersonated site online

The latest Phishers’ Favourite report is out, and WhatsApp is turning heads.

In their latest quarterly “Phishers’ Favourite” report, email security experts Vade Secure noted a 13,467.6% increase in the number of WhatsApp phishing sites. This, alongside the 640% global rise in phishing sites, further emphasises the necessity of regular user training in how to spot phishing attacks.

The report details the top 25 sites impersonated by social engineers each quarter and in Q3 2019 WhatsApp didn’t even make the list. Since then however, the Facebook-owned instant messaging giant has climbed 63 places to take the number 5 spot away from Bank of America. See image below:

The top 10 spots on the Phishers’ Favourite list.

“The staggering growth in phishing URLs stems primarily from a campaign inviting recipients to the so-called Berbagi WhatsApp group, which advertises pornographic content. Moreover, it appears web hosting provider 000webhost was hacked and used to host the phishing pages.”

Vade Secure

WhatsApp reiterated its commitment to user privacy as the company announced its user base had topped two billion.

“Today we remain as committed as when we started, to help connect the world privately and to protect the personal communication of two billion users all over the world.”

WhatsApp Blog

PayPal managed to hold onto its top spot despite seeing a 31.2% decline in discovered phishing URLs, 11,392 down from 16,547 in the previous quarter when it overtook Microsoft for the first time ever.

Phishers show no signs of slowing down, and whether the attack starts from an instant message or a phishing email, users must have the required training to safely deal with them without compromising their personal or organisational data.

Security Awareness Training remains the fastest and most cost-effective way to educate users in spotting phishing threats and reducing their susceptibility to falling for phishing attacks – their Click-Prone® Score.

If you’d like to know how many of your users would fall for a phishing attack, check out our Free Click-Prone® Test and learn how to strengthen your human firewall.

Recent posts