Connect with us

News

Cybersecurity: The Year Of Social Distancing Or Social Engineering? Phishing Goes Targeted And Diversifies During COVID-19 Outbreak With 2 Million Attacks In Q2 In Africa

Published

on

The year of social distancing or social engineering? Phishing goes targeted and diversifies during COVID-19 outbreak with 2 million attacks in Q2 in Africa

Security solutions have detected 2,023,501 phishing attacks in South Africa, Kenya, Egypt, Nigeria, Rwanda, and Ethiopia.

Kaspersky analysis has revealed that phishing attacks are becoming increasingly more targeted. A number of new tricks have also been found – from HR dismissal emails to attacks disguised as delivery notifications. As a result of such tendencies, security solutions have detected 2,023,501 phishing attacks in South Africa, Kenya, Egypt, Nigeria, Rwanda, and Ethiopia. These and other findings are documented in Kaspersky’s new spam and phishing in Q2 2020 report.

Phishing is one of the oldest and most flexible types of social engineering attacks. They are used in many ways, and for different purposes, to lure unwary users to the site and trick them into entering personal information. The latter often includes financial credentials such as bank account passwords or payment card details, or login details for social media accounts. In the wrong hands, this opens doors to various malicious operations, such as money being stolen or corporate networks being compromised. This makes phishing a popular initial infection method.

South African users have been influenced the most by this type of threat: there were 616,666 phishing attacks detected in 3 months. It was followed by Kenya (514,361), Egypt (492,532), Nigeria (299,426), Rwanda (68,931), and Ethiopia (31,585).

Phishing is a strong attack method because it is done at such a large scale. By sending massive waves of emails under the name of legitimate institutions or promoting fake pages, malicious users increase their chances of success in their hunt for innocent people’s credentials. The first six months of 2020, however, have shown a new aspect to this well-known form of attack.

Targeted attacks: Small businesses in focus

As Kaspersky’s analysis has indicated, in Q2 2020, phishers increasingly performed targeted attacks, with most of their focus on small companies. To attract attention, fraudsters forged emails and websites from organizations whose products or services could be purchased by potential victims. In the process of making these fake assets, fraudsters often did not even try to make the site appear authentic.

Such targeted phishing attacks can have serious consequences. Once a fraudster has gained access to an employee’s mailbox, they can use it to carry out further attacks on the company the employee works for, the rest of its staff, or even its contractors.

Jack of all trades: New tricks for old purposes

The news agenda, following the COVID-19 outbreak, has already influenced the “excuses” fraudsters use when asking for personal information. This included disguising their communications with unsuspecting users as:

Delivery services. At the peak of the pandemic, organizations responsible for delivering letters and parcels were in a hurry to notify recipients of possible delays. These are the types of emails that fraudsters began to fake, with victims asked to open an attachment to find out the address of a warehouse where they could pick up a shipment that did not reach its destination.

Postal services. Another relatively original move used by fraudsters was a message containing a small image of a postal receipt. The scammers expected that the intrigued recipient would accept the attachment (which, although it contained ‘JPG’ in the name, was an executable archive) as the full version and decide to open it. The Noon spyware was found in mailings such as these examined by Kaspersky researchers.

Financial services. Bank phishing attacks in the second quarter were often carried out using emails offering various benefits and bonuses to customers of credit institutions due to the pandemic. Emails received by users contained a file with instructions or links to get more details. As a result, depending on the scheme, fraudsters could gain access to users’ computers, personal data, or authentication data for various services.

HR services. The weakening of the economy during the pandemic in a number of countries caused a wave of unemployment, and fraudsters did not miss this opportunity to strike. Kaspersky experts encountered various mailings that announced, for example, some amendments to the medical leave procedure, or surprised the recipient with the news about their dismissal. In some attachments, there was a Trojan-Downloader.MSOffice.SLoad.gen file. This Trojan is most often used for downloading and installing encryptors.

“When summarising the results of the first quarter, we assumed that COVID-19 would be the main topic for spammers and phishers for the past few months. And it certainly happened. While there was the rare spam mailing sent out without mentioning the pandemic, phishers adapted their old schemes to make them relevant for the current news agenda, as well as come up with new tricks,” comments Tatyana Sidorina, a security expert at Kaspersky.

Read more about the new phishing techniques on Securelist.

Kaspersky experts advise users to take the following measures to protect themselves from phishing:

Always check online addresses in unknown or unexpected messages, whether it is the web address of the site where you are being directed, the link address in a message and even the sender’s email address, to make sure they are genuine and that the link in the message doesn’t hide another hyperlink.

If you are not sure that the website is genuine and secure, never enter your credentials. If you think that you may have entered your login and password on a fake page, immediately change your password and call your bank or other payment providers if you think your card details were compromised.

Use a proper security solution with behavior-based anti-phishing technologies, such as Kaspersky Security Cloud and Kaspersky Total Security, which will warn you if you are trying to visit a phishing web page.

Facebook Comments
Advertisement

News

Akufo-Addo Comes Nowhere Near Me In Delivery Of Infrastructure : John Mahama

Published

on

John Dramani Mahama has responded to claims by the governing New Patriotic Party (NPP) that he lacks credibility.

The NPP on a number of occasions has claimed that Mr. Mahama has no credibility in delivering on his promises. During the launch of the NPP manifesto, President Nana Akufo-Addo lambasted Mahama saying he has ‘zero’ credibility when it comes to the implementation of policies hence cannot be trusted. But Mr. Mahama has responded to such claims in an interview on Woezor TV on Sunday, September 20, 2020.

John Mahama in the interview challenged President Akufo-Addo to show the infrastructural projects his government has undertaken in his four-year administration.

“Ghanaians know what my track record is and I am talking about economic infrastructure and if it comes to social infrastructure, my opponent comes nowhere near me in terms of my track record. I built schools, I built hospitals, I repaired the roads, electricity, water, we expanded the Tema Port investment of over one billion dollars. We built the new Terminal three, University of Ghana Medical Centre, water supply to many communities, and extended electricity to so many communities across the country.”

Facebook Comments
Continue Reading

News

#IamFreedom: Freedom Jacob Ceasar, An African Visionary, Industrialist and Nation Builder Declares A New Africa

Published

on

Freedom Jacob Caesar, Ghanaian businesses mogul, real estate entrepreneur, and philanthropist has taken a significant mission upon his business life.

Born Nana Kwame Bediako, the Industrialist in a new documentary “The African Dream: The Man With The Audacity to Build the New Africa” has declared himself as the African Prince.

Setting the record straight, the CEO of Kwarleyz Group is known for producing the best of world-class buildings all over the world. His mission and vision for Africa are to create a new image of hosting the best designed, luxurious, and classic building in Africa.

His vision is to industrialize Africa and develop it from within reflects in the video below.

Subscribe to his Freedom Jacob Caesar’s YouTube channel below.
https://www.youtube.com/c/FREEDOMJACOBCAESAR

Follow his Instagram account here: @iamfreedom

Facebook Comments
Continue Reading

News

Woman Accused Of Sending Poisonous Letter To The White House Arrested

Published

on

A woman suspected to have sent an envelope containing the poison ricin, which was addressed to the White House, has been arrested.

Law enforcement officials told The Associated Press on Sunday, September 20, that she was arrested at the New York-Canada border.

The letter had been intercepted last week before it reached the White House. The woman was taken into custody by U.S. Customs and Border Protection officers at the Peace Bridge border crossing near Buffalo and is expected to face federal charges, the officials said. Her name was not immediately released.

The letter addressed to the White House appeared to have originated in Canada, the Royal Canadian Mounted Police have said. It was intercepted at a government facility that screens mail addressed to the White House and President Donald Trump and a preliminary investigation indicated it tested positive for ricin, according to the officials who spoke on condition of anonymity since they were not authorised to discuss the ongoing investigation publicly.

There have been several prior instances in which U.S. officials have been targeted with ricin sent through the mail.

A Navy veteran was arrested in 2018 and confessed to sending envelopes to Trump and members of his administration that contained the substance from which ricin is derived. The letters were intercepted, and no one was hurt.

In 2014, a Mississippi man was sentenced to 25 years in prison after sending letters dusted with ricin to President Barack Obama and other officials.

Facebook Comments
Continue Reading

Latest Stories

ad

Trending