x

Africa: COVID-19 outbreak diversifies with 2 million attacks in Q2 in Africa

By Musa Isa Ahmed

Security solutions have detected 2,023,501 phishing attacks in South Africa, Kenya, Egypt, Nigeria, Rwanda and Ethiopia

Analysis has revealed that phishing attacks are becoming increasingly more targeted. A number of new tricks have also been found – from HR dismissal emails to attacks disguised as delivery notifications. As a result of such tendencies, security solutions have detected 2,023,501 phishing attacks in South Africa, Kenya, Egypt, Nigeria, Rwanda and Ethiopia. These and other findings are documented in Kaspersky’s new spam and phishing in Q2 2020 report.

Phishing is one of the oldest and most flexible types of social engineering attacks. They are used in many ways, and for different purposes, to lure unwary users to the site and trick them into entering personal information. The latter often includes financial credentials such as bank account passwords or payment card details, or login details for social media accounts. In the wrong hands, this opens doors to various malicious operations, such as money being stolen or corporate networks being compromised. This makes phishing a popular initial infection method.

South African users have been influenced the most by this type of threat: there were 616,666 phishing attacks detected in 3 months. It was followed by Kenya (514,361), Egypt (492,532), Nigeria (299,426), Rwanda (68,931) and Ethiopia (31,585).

Phishing is a strong attack method because it is done at such a large scale. By sending massive waves of emails under the name of legitimate institutions or promoting fake pages, malicious users increase their chances of success in their hunt for innocent people’s credentials. The first six months of 2020, however, have shown a new aspect to this well-known form of attack.

Targeted attacks: Small businesses in focus

As Kaspersky analysis has indicated, in Q2 2020, phishers increasingly performed targeted attacks, with most of their focus on small companies. To attract attention, fraudsters forged emails and websites from organisations whose products or services could be purchased by potential victims. In the process of making these fake assets, fraudsters often did not even try to make the site appear authentic.

Once a fraudster has gained access to an employee’s mailbox, they can use it to carry out further attacks on the company the employee works for, the rest of its staff, or even its contractors.

Jack of all trades: New tricks for old purposes

The news agenda, following the COVID-19 outbreak, has already influenced the “excuses” fraudsters use when asking for personal information. This included disguising their communications with unsuspecting users as:

Delivery services. At the peak of the pandemic, organisations responsible for delivering letters and parcels were in a hurry to notify recipients of possible delays. These are the types of emails that fraudsters began to fake, with victims asked to open an attachment to find out the address of a warehouse where they could pick up a shipment that did not reach its destination.

Postal services. Another relatively original move used by fraudsters was a message containing a small image of a postal receipt. The scammers expected that the intrigued recipient would accept the attachment (which, although it contained ‘JPG’ in the name, was an executable archive) as the full version and decide to open it. The Noon spyware was found in mailings such as these examined by Kaspersky researchers.

financial services. Bank phishing attacks in the second quarter were often carried out using emails offering various benefits and bonuses to customers of credit institutions due to the pandemic. Emails received by users contained a file with instructions or links to get more details. As a result, depending on the scheme, fraudsters could gain access to users’ computers, personal data, or authentication data for various services.

HR services. The weakening of the economy during the pandemic in a number of countries caused a wave of unemployment, and fraudsters did not miss this opportunity to strike. Kaspersky experts encountered various mailings that announced, for example, some amendments to the medical leave procedure, or surprised the recipient with the news about their dismissal. In some attachments,

“When summarising the results of the first quarter, we assumed that COVID-19 would be the main topic for spammers and phishers for the past few months. And it certainly happened. While there was the rare spam mailing sent out without mentioning the pandemic, phishers adapted their old schemes to make them relevant for the current news agenda, as well as come up with new tricks,” comments Tatyana Sidorina, security expert at Kaspersky.

Kaspersky experts advise users to take the following measures to protect themselves from phishing:

Always check online addresses in unknown or unexpected messages, whether it is the web address of the site where you are being directed, the link address in a message and even the sender’s email address, to make sure they are genuine and that the link in the message doesn’t hide another hyperlink.

If you are not sure that the website is genuine and secure, never enter your credentials. If you think that you may have entered your login and password on a fake page, immediately change your password and call your bank or other payment provider if you think your card details were compromised.

Use a proper security solution with behaviour-based anti-phishing technologies, and which will warn you if you are trying to visit a phishing web page.

Hot this week

Editors Urge Government To Create Safe, Enabling Environment For Journalists

· Ask security agents to find missing Vanguard journalistAs...

EXCLUSIVE: Buhari orders probe of Isa Funtua, AMCON over keystone and Etisalat

Following the controversy generated by the leading opposition party,...

6 Signs your boyfriend thinks you are ugly -Take note of No. 2

They say there are three kinds of people; the...

2023: South-East, Middle Belt Forum Endorses Peter Obi

The South-East and Middle Belt Forum has endorsed the...

CSO Investigative Council Reacts to Alleged Poor Construction of Abia North Road

• ..We absolve Federal Cooperative College, urge contractor to...

CSO Commends Tinubu for Implementing 77k NYSC Allowance

Save Nigeria Movement (SNM), a national civil society organization...

INEC Collapses Plans to RecallSenator Natasha in Kogi

By Noah Ocheni, LokojaThe Independent National Electoral Commission, (INEC)...

BREAKING: Renewed Hope Proactiveness In Tackling Emergencies Commended.

By Jabiru Hassan.Less than 24 hours of the sad...

INEC Rejects Petition to Recall Senator Natasha in Kogi,

By Noah Ocheni, LokojaThe Independent National Electoral Commission (INEC)...

Delta 2027: No Vacancy In Govt House, says Guwor

By Anne Azuka Speaker, Delta State House of Assembly, Rt...

Rainstorm destroys over 70 houses  in Langtang South LGA of Plateau

By Isreal Adamu, Jos No fewer than 70  houses and...

Plateau govt fumes as gunmen kill 10 persons in Bokkos LGA 

By Israel Adamu,Jos At least, 10 persons were killed on...
spot_img

Related Articles

Popular Categories

spot_imgspot_img