Phishing attacks – a type of social engineering digital attack – are becoming increasingly more targeted in Africa, especially at small companies, says cybersecurity multinational Kaspersky security expert Tatyana Sidorina.
Security solutions detected 2.02-million phishing attacks in South Africa, Kenya, Egypt, Nigeria, Rwanda and Ethiopia, according to Kaspersky’s second quarter 'Spam and Phishing' report.
"Such targeted phishing attacks can have serious consequences. Once a fraudster has gained access to an employee's mailbox, they can use it to carry out further attacks on the company the employee works for, the rest of its staff, or even its contractors," says Sidorina.
South African users have been influenced the most by this type of threat. There were 616 666 phishing attacks detected in the country in the second quarter.
This was followed by Kenya, with 514 361 such attacks; Egypt with 492 532 attacks; Nigeria with 299 426 attacks; Rwanda with 68 931; and Ethiopia with 31 585.
“When summarising the results of the first quarter, we assumed that Covid-19 would be the main topic for spammers and phishers for the past few months. And it certainly happened. While there was the rare spam mailing sent out without mentioning the pandemic, phishers adapted their old schemes to make them relevant for the current news agenda, as well as come up with new tricks,” says Sidorina.
To attract attention, fraudsters forged emails and websites from organisations whose products or services could be bought by potential victims.
In the process of making these fake assets, fraudsters often did not even try to make the site appear authentic, states Kaspersky.
"The news agenda, following the Covid-19 outbreak, has already influenced the 'excuses' fraudsters use when asking for personal information. This included disguising their communications with unsuspecting users as delivery, postal, human resources and financial services."
"At the peak of the pandemic, organisations responsible for delivering letters and parcels were in a hurry to notify recipients of possible delays. These are the types of emails that fraudsters began to fake, with victims asked to open an attachment to find out the address of a warehouse where they could pick up a shipment that did not reach its destination.
"Another relatively original move used by fraudsters was a message containing a small image of a postal receipt. The scammers expected that the intrigued recipient would accept the attachment (which, although it contained ‘JPG’ in the name, was an executable archive) as the full version and decide to open it. The Noon spyware was found in mailings such as these examined by Kaspersky researchers."
Additionally, bank phishing attacks in the second quarter were often carried out using emails offering various benefits and bonuses to customers of credit institutions due to the pandemic. Emails received by users contained a file with instructions or links to get more details.
As a result, depending on the scheme, fraudsters could gain access to users’ computers, personal data or authentication data for various services.