---
title: "Social Media Impersonation in Phishing: 2022&#8217;s Latest Wave of Cybercrime | Phish Protection"
description: "Social Media Impersonation in Phishing: 2022&#38;#8217;s Latest Wave of Cybercrime: Cybercrimes have escalated significantly in the past couple of years owing to."
image: "https://phishprotection.com/og/blog/social-media-impersonation-phishing-2022s-latest-wave-cybercrime.png"
canonical: "https://phishprotection.com/blog/social-media-impersonation-phishing-2022s-latest-wave-cybercrime/"
---

Quick Answer

Cybercrimes have escalated significantly in the past couple of years owing to the mass adoption of online services. Threat actors have exhibited their affinity towards social media profiles and emails, targeting innocent people to scam them out of their finances and private data using phishing to \_sell on the dark web\_, to be spread and used in impersonation scams. As per recent reports, social media is the most recent category that cybercrime groups are exploiting for malicious purposes.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fsocial-media-impersonation-phishing-2022s-latest-wave-cybercrime%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Social%20Media%20Impersonation%20in%20Phishing%3A%202022%26%238217%3Bs%20Latest%20Wave%20of%20Cybercrime&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fsocial-media-impersonation-phishing-2022s-latest-wave-cybercrime%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fsocial-media-impersonation-phishing-2022s-latest-wave-cybercrime%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fsocial-media-impersonation-phishing-2022s-latest-wave-cybercrime%2F&title=Social%20Media%20Impersonation%20in%20Phishing%3A%202022%26%238217%3Bs%20Latest%20Wave%20of%20Cybercrime "Share on Reddit") [ ](mailto:?subject=Social%20Media%20Impersonation%20in%20Phishing%3A%202022%26%238217%3Bs%20Latest%20Wave%20of%20Cybercrime&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fsocial-media-impersonation-phishing-2022s-latest-wave-cybercrime%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2022/05/what-is-a-zero-day-attack-2587.jpg) 

Cybercrimes have escalated significantly in the past couple of years owing to the mass adoption of online services. Threat actors have exhibited their affinity towards social media profiles and emails, targeting innocent people to scam them out of their finances and private data using phishing to _sell on the dark web_, to be spread and used in impersonation scams. As per recent reports, social media is the most recent category that cybercrime groups are exploiting for malicious purposes.

### Summary of the report

The Brand Phishing [Report](https://blog.checkpoint.com/2022/04/19/social-networks-most-likely-to-be-imitated-by-criminal-groups-with-linkedin-now-accounting-for-half-of-all-phishing-attempts-worldwide/) of Q1 by Checkpoint Research has revealed the top social media brands imitated by cybercriminals. The report reached the verdict by analyzing the first three months of 2022, revealing social media giants such as LinkedIn, Whatsapp, and DHL as some of the [most phished platforms](/blog/latest-phishing-trends-the-biggest-impersonation-targets-of-threat-actors/).

Threat actors have turned their attention from tech giants and service providers to social media, using [fake phishing emails](/content/stop-phishing-emails/) appearing as official ones luring innocent users to steal their credentials. The report also revealed shipping as their second choice to intercept and exploit e-commerce by employing _phishing emails combined with sophisticated malware_ that infects workstations.

### Key Findings

_Here are the key findings of the report:_

- LinkedIn is the **most phished social media**, with 52% of worldwide phishing attacks happening on the platform.
- DHL is the second most phished platform, with 14% of worldwide phishing attacks.
- Google, Microsoft, FedEx, Whatsapp, Amazon, Maersk, AliExpress, and Apple comprise the rest of the list of the top 10 phishing brands for 2022’s first quarter.

Before we look at how cybercriminals are employing phishing on these platforms, let us see [what is phishing](/content/phishing-prevention/what-is-phishing/) and how it can affect you.

### What is Social Media Phishing and Impersonation?

Phishing is a cybercrime where malicious actors _send genuine-looking but fake emails or social media messages_, accompanied with links leading you to malicious websites, fake login pages, payment portals, magnetic downloads, etc. Cybercriminals usually impersonate top brands by crafting phishing emails to appear as if they are from genuine services. Phishing is designed to steal login credentials, payment, and private information and download malicious software, known as malware, to infect your devices.

### How can phishing affect you?

![What is a zero day attack](https://media.mailhop.org/phishprotection/images/2022/05/what-is-a-zero-day-attack-2587.jpg) 
- **Danger via Data:** Login credentials or [data stolen via phishing](/blog/data-breaches-and-phishing-attacks-how-third-party-vendors-jeopardize-organization/) can be sold on the dark web to be used by cybercriminals to impersonate you online. In addition, compromised payment information can rob you of your finances and amass unknown debt online in your name.
- **Danger via Malware:** Malware can download on your devices without your knowledge and transmit information online. Malware can also be used to gain entry to networks, disrupt device services, and lock devices.

Now that you know what phishing is and how it can harm you, let us see how cybercriminals are employing social media impersonation.

### Latest LinkedIn Phishing Attack

The world’s current most impersonated social media, LinkedIn, is being imitated by cybercriminals to send **phishing emails**, including links to malicious login pages. The phishing emails contain the following sender’s email address, “LinkedIn (smtpfox-6qhrg@tavic\[.\]com\[.\]mx)”, cleverly crafted to make people believe the email is from the official platform.

Cybercriminals behind the email lead victims to a **fake LinkedIn login page** where users have to enter their username and password to gain entry. However, their login credentials would be stolen, providing cyber criminals access to their profiles, revealing their confidential data, private conversations, etc.

The report also revealed a peculiar phishing email incorporating malware.

### Maersk Phishing and Malware Emails

Q1 of 2022 also saw the rise of cybercriminals impersonating the shipping giant Maersk. The phishing emails appeared to be sent by the following email, “Maersk Notification (service@maersk\[.\]com)”.

The phishing **emails are highly detailed**, providing an attached bill, and making users think they have bought some product. The email hints at the email’s subject as verification of the bill, including standard information such as Transport Document Number, Reference, Booking Number, Ports of Loading, Discharge, and Delivery, and additional consignment information. But the highlight of the Maersk impersonation phishing email is a malicious link crafted to download the Remote Access Trojan named Agent Tesla to the victim’s system. The malicious link downloads a “Transport-Document” in an excel file, keeping victims from discovering the malware.

### Ways to Protect Against Social Media Impersonating and Phishing Scams

With such [sophisticated phishing attacks](/resources/history-of-phishing/) in just three months, 2022 is looking to be a long year with major cybercrimes predicted to occur. However, users can easily protect themselves against the latest cybercrimes like social media impersonation and phishing by:

![How to prevent phishing](https://media.mailhop.org/phishprotection/images/2022/05/how-to-prevent-phishing-9785.jpg) 
- **MFA:** Enabling [Multi-Factor Authentication](/blog/latest-phishing-campaign-targeting-microsoft-proves-multi-factor-authentication-risky-organizations/) can help prevent unauthorized logins by requiring additional verifications.
- **Updating Software:** Keeping your device or system’s software secure with the **latest updates** can protect against cybersecurity threats.
- **Education:** [Educating yourself](/content/employee-phishing-training/phishing-e-mail-training-for-employees/) about the common phishing and impersonation tactics can help identify them. Phishing emails often impersonate trusted brands and may employ one of the following as the email subject:
- Suspicious Login Activity or Account Usage - Updating of Payment Information - Fake Invoices or Bills - Tax Payments - Government Refunds - Free Redeemable Coupon links and more. - In addition, phishing emails are easy to spot as they contain grammatical errors. If you look closely at a link in any phishing email, you will recognize it as fake as it contains gibberish.
1. **Verification:** If you are unsure about the email’s authenticity, you can also approach the customer service or legal office to **confirm the email’s legitimacy** and confirm payments or bills.

### Final Words

2022 and the coming years are going to be tough to maintain cybersecurity. With emerging technologies transforming industries worldwide, there is going to be an increase in cybercriminals, who would want to leave no stone unturned to get access to your information assets somehow. These social media imitations scams are just one part of the more significant cybercrime scenario, which is why cybersecurity is a crucial practice that needs to be taken as a responsibility by individuals themselves and organizations at large to safeguard your online presence and keep malicious at bay.

## Topics

[ Phishing ](/tags/phishing/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 4m  13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization  Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[  Foundational 4m  All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center  May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[  Foundational 4m  2021 Phishing Trends You Need To Be Wary Of  Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Social Media Impersonation in Phishing: 2022&#8217;s Latest Wave of Cybercrime","description":"Social Media Impersonation in Phishing: 2022&#8217;s Latest Wave of Cybercrime: Cybercrimes have escalated significantly in the past couple of years owing to.","url":"https://phishprotection.com/blog/social-media-impersonation-phishing-2022s-latest-wave-cybercrime/","datePublished":"2022-05-03T06:10:16.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2022-05-03T06:10:16.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/social-media-impersonation-phishing-2022s-latest-wave-cybercrime/"},"articleSection":"foundational","keywords":"Phishing","wordCount":1022,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2022/05/what-is-a-zero-day-attack-2587.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"Social Media Impersonation in Phishing: 2022&#8217;s Latest Wave of Cybercrime","item":"https://phishprotection.com/blog/social-media-impersonation-phishing-2022s-latest-wave-cybercrime/"}]}
```