Kaspersky's new Spam and Phishing Report reveals that the company detected 2,023,501 phishing attacks in South Africa, Kenya, Egypt, Nigeria, Rwanda and Ethiopia in the second quarter of 2020.
According to the report, the attacks have become more targeted with the scammers coming up with new tricks such as using fake HR dismissal letters or even delivery notifications to lure people.
Phishing is one of the oldest social engineering tricks on the internet: unwary users are lured to fraudulent sites where their personal data is harvested. This information includes financial details such as online banking passwords, payment card details and login credentials for various websites.
Armed with such information, the phishers can launch malicious operations including stealing money and compromising corporate accounts or your reputation.
According to the report, South Africa had the biggest number of attacks at 616,666 within three months. This was followed by Kenya with 514,361 attacks, Egypt at 492,532, Nigeria at 299,426, Rwanda at 68,931 and Ethiopia at 31,585.
Phishing is normally carried out at large scale, with attackers impersonating well-known legitimate institutions and mailing a wide audience to increase their chances of success. The first half of 2020 showed the attackers taking a different angle.
As the phishers shifted toward targeted attacks, they focused on small businesses. To attract attention quickly, they used fake online shops and forged emails designed to trick potential victims into making purchases. In the process, the phishers rarely bothered to make the websites look authentic.
Targeted phishing attacks can have serious consequences for an individual or an institution. Once a fraudster gains access to an employee's mailbox, they can use it to launch further attacks on the company the employee works for, on other staff and even on external contractors.
The attackers also used the Covid-19 outbreak as a pretext to pry out personal information, knowing that more people would probably let their guard down at the mention of the pandemic.
The communication to unsuspecting users was disguised as:
Delivery services; As the Covid-19 pandemic peaked, delivery companies increasingly sent their clients notifications of possible delays. The phishers copied such emails, asking users to open attachments that purportedly contained the address of a warehouse where they could collect their packages in person.
Postal services; This was an original move by the fraudsters: a message containing an image of a postal receipt. Curious recipients would open the attachment which, although its name claimed it was a JPG, was actually an executable file that installed the Noon spyware.
Financial services; In the second quarter, bank phishing emails contained offers of various benefits and bonuses extended to customers because of the pandemic. The emails contained links or a file with further instructions. Once the recipient opened the attachment or clicked the link, the fraudsters could gain access to the user's computer, personal information or authentication data for various services.
HR services; As the Covid-19 pandemic took root in many countries, unemployment in many industries soared. Fraudsters took advantage of the situation to send out emails purportedly containing adjustments to medical leave procedures, surprise dismissals and changes to the company. As expected, the emails carried malicious attachments, including a file detected as Trojan-Downloader.MSOffice.SLoad.gen. This Trojan is mostly used to download and install encryptors (ransomware).
“When summarizing the results of the first quarter, we assumed that COVID-19 would be the main topic for spammers and phishers for the past few months. And it certainly happened. While there was the rare spam mailing sent out without mentioning the pandemic, phishers adapted their old schemes to make them relevant for the current news agenda, as well as come up with new tricks,” comments Tatyana Sidorina, security expert at Kaspersky.
Kaspersky experts gave a few recommendations to protect yourself from phishing.
For starters, carefully check the online addresses in unknown or unexpected messages. This applies to every link in the message as well as to the sender's email address.
Make sure the URL is genuine and that the visible link text matches the real destination, since a link can display one address while pointing to another. Secondly, if you are not certain about the authenticity of a website, do not enter your credentials. If you suspect that you have entered your credentials on a fake page, change your password immediately and call your bank and other payment providers in case your payment details have been compromised.
Lastly, use a reputable security solution with anti-phishing technology, which will warn you when you are about to visit a phishing web page.
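The checks the report recommends (does the visible link text match the real destination, does the sender's display name match the actual address) and the postal-receipt trick it describes (an attachment named as a JPG that is really an executable) can all be automated against a raw message. The script below is an added example written for this page, not Kaspersky's code or detection logic; the lure it analyses is constructed inline and the domains, filenames and the two-label "registered domain" heuristic are assumptions for illustration.

```python
import re
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: a short list of extensions Windows will run, not an exhaustive one.
EXEC_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".js", ".vbs")
DOMAIN_RE = re.compile(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", re.I)


def _host(text):
    """Hostname a human would read out of a URL or bare domain, or None."""
    m = DOMAIN_RE.search(text)
    return m.group(1).lower() if m else None


def _registered(host):
    """Crude eTLD+1 (last two labels). Assumption: no public-suffix list, so a host
    such as post.example.co.uk would be grouped wrongly; adequate for a demo."""
    return ".".join(host.split(".")[-2:])


class _AnchorCollector(HTMLParser):
    """Collect (visible text, href) for every <a> in an HTML body."""
    def __init__(self):
        super().__init__()
        self._href, self._text, self.anchors = None, [], []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append(("".join(self._text).strip(), self._href))
            self._href = None


def find_deceptive_links(html):
    """Anchors whose visible text shows one domain while the href goes elsewhere."""
    parser = _AnchorCollector()
    parser.feed(html)
    flagged = []
    for text, href in parser.anchors:
        shown = _host(text)
        if shown is None:          # plain words such as "help page": nothing to compare
            continue
        actual = (urlparse(href).hostname or "").lower()
        if _registered(shown) != _registered(actual):
            flagged.append((text, href))
    return flagged


def sender_looks_spoofed(msg):
    """Display name that itself looks like an address at a different domain."""
    name, addr = parseaddr(str(msg.get("From", "")))
    shown = _host(name)
    real = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    return shown is not None and _registered(shown) != _registered(real)


def find_disguised_attachments(msg):
    """Attachments that are executables, whatever their filename suggests."""
    flagged = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        reasons = []
        if name.endswith(EXEC_EXT):
            reasons.append("executable extension")
        if data[:2] == b"MZ":      # DOS/PE signature: a Windows executable
            reasons.append("MZ header")
        if reasons:
            flagged.append((name, ", ".join(reasons)))
    return flagged


def analyze(msg):
    body = msg.get_body(preferencelist=("html",))
    html = body.get_content() if body is not None else ""
    return {"sender_spoofed": sender_looks_spoofed(msg),
            "deceptive_links": find_deceptive_links(html),
            "bad_attachments": find_disguised_attachments(msg)}


def build_sample():
    """Constructed lure modelled on the postal-receipt trick; not a real message."""
    msg = EmailMessage()
    msg["From"] = '"noreply@post.example.com" <alerts@mail-bounce.example.net>'
    msg["To"] = "victim@corp.example"
    msg["Subject"] = "Your parcel could not be delivered"
    msg.set_content("Your parcel is waiting at the depot. See the attached receipt.")
    msg.add_alternative(
        "<p>Your parcel is held at our depot. Track it at "
        '<a href="http://post-tracking.example.net/id=4411">https://post.example.com/track</a>'
        ' or read the <a href="https://post.example.com/help">help page</a>.</p>',
        subtype="html")
    # Fake "receipt": bytes starting with the MZ signature, named so that Windows
    # hides the real .exe extension and shows receipt.jpg.
    msg.add_attachment(b"MZ\x90\x00" + b"\x00" * 60, maintype="application",
                       subtype="octet-stream", filename="receipt.jpg.exe")
    return msg
```

Running analyze(build_sample()) flags all three tricks: the From display name reads as an address at post.example.com while the real sender is at mail-bounce.example.net, the tracking link shows post.example.com but leads to post-tracking.example.net, and the "receipt" has both an executable extension and a PE header. A real mail gateway would compare registered domains against a public-suffix list and inspect archive contents too; the structure of the checks is the same.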