Kaspersky's latest report revealed that attacks related to data loss threats (phishing and scams/social engineering) increased significantly in Africa in Q2 2022 compared to the previous quarter. The company's security solutions detected 10.722.886 phishing attacks in Africa in Q2.
Kenyan users were most influenced by this type of threat: 5.098.534 phishing attacks were detected in 3 months – a growth of 438% in relation to the previous quarter.
It was followed by South Africa (4.578.216 detections and a 144% growth) and Nigeria (1.046.136 detections and a 174% growth).
Social engineering, which is sometimes referred to as “human hacking“, are used in many ways, and for different purposes, to lure unsuspecting users to the website and trick them into entering personal information.
The latter often includes financial credentials such as bank account passwords or payment card details, or login details for social media accounts.
In the wrong hands, this opens the door to various malicious operations, such as stealing money or compromising corporate networks.
BUT: One in three untrained employees click on a phishing email
O Phishing it is a strong attack method because it is done on a large scale. By sending massive waves of emails under the name of legitimate institutions or promoting fake pages, malicious users increase their chances of success in their pursuit of innocent people's credentials.
Os Phishing deploy a variety of tricks to bypass email blocking and lure as many users as possible to their fraudulent sites.
A common technique is HTML attachments with partially or fully obfuscated code. HTML files allow attackers to use scripts, obfuscate malicious content to make detection harder, and send phishing pages as attachments instead of links.
In particular, while the holiday season is high around the world, scammers are trying to lure travelers who are looking for exciting places to go, cheap places to stay, and reasonably priced flights.
Kaspersky researchers observed heightened scam activity, with numerous phishing pages distributed under the guise of airline and reservation services. The number of attempts to open phishing pages related to booking and airline services in the first half of 2022 was 4.311 in the Middle East, Turkey and Africa region.
BUT: Nigeria and South Africa face a phishing epidemic
To stay safe from phishing and scams, Kaspersky experts recommend:
Look carefully at the address bar before entering any sensitive information, such as your login details and password. If something is wrong with the URL (i.e. spelling, it doesn't look like the original, or it uses some special symbols instead of letters) don't enter anything on the site. If in doubt, check the website's certificate by clicking the lock icon to the left of the URL.
Do not click on links that come from unknown sources (either through emails, messaging applications or social networks).
Visiting the company's official website if you see a sweepstakes offered via email or on social media by a travel company, or an airline to confirm that the sweepstakes exists. You should also carefully check the links that the sweepstakes announcement takes you.
Use a good security solution that can protect you from spam emails and phishing attacks.
