WhatsApp Phishing URLs Increase by 13,000%

Vade Secure has published a report on phishing threats for the fourth quarter of 2019. Researchers identified the 25 most exploited brands by phishers, compiling the list by analyzing numerous phishing URLs.

As a result, WhatsApp ranked fifth in the researchers’ list, with 5,020 unique phishing URLs. This means the messenger jumped from 63rd to 5th place among the most impersonated brands used in phishing attacks, showing a dramatic increase of 13,467%.

Vade Secure explains that this surge is likely linked to a large-scale campaign inviting users to join a so-called “Berbagi WhatsApp” group containing pornographic content. Additionally, analysts report that the hosting provider 000webhost was hacked and used to host phishing pages.

Other Popular Brands Targeted by Phishers

Facebook also made the top 25, taking second place, while Instagram climbed 16 positions to reach 13th place. Facebook was used as bait in 9,795 phishing URLs, and Instagram in 1,401 URLs—almost double the previous quarter’s figure, representing a 187.1% increase.

Although the number of phishing attacks related to Facebook decreased by 18.7% in the fourth quarter of 2019, the annual total grew by 358.8%. Researchers attribute this to the rising popularity of Facebook Login. With access to a user’s Facebook account credentials, phishers can see which other apps the user has accessed via social sign-on and potentially compromise those accounts as well.