Attacks targeting social networks present a small percentage of all phishing scams, but became more common in the second half of 2006 as hackers used them to seed botnets through malware distributed on sites including MySpace, LiveJournal and Orkut.

Several leading social networks have also proven vulnerable to XSS exploits, serving as a laboratory for phishers to test new technical attacks and social engineering techniques. The Netcraft Toolbar blocks common cross-site scripting attacks, protecting users from coding weaknesses in trusted sites, and has also protected users from many attacks on MySpace due to the prompt reporting of spoofing sites by the Netcraft Toolbar Community.