Phishing attacks in Africa diversify, target small companies

21st August 2020

By: Schalk Burger

Creamer Media Senior Deputy Editor

     

Font size: - +

Phishing attacks – a type of social engineering digital attack – are becoming increasingly more targeted in Africa, especially at small companies, says cybersecurity multinational Kaspersky security expert Tatyana Sidorina.

Security solutions detected 2.02-million phishing attacks in South Africa, Kenya, Egypt, Nigeria, Rwanda and Ethiopia, according to Kaspersky’s second quarter 'Spam and Phishing' report.

"Such targeted phishing attacks can have serious consequences. Once a fraudster has gained access to an employee's mailbox, they can use it to carry out further attacks on the company the employee works for, the rest of its staff, or even its contractors," says Sidorina.

South African users have been influenced the most by this type of threat. There were 616 666 phishing attacks detected in the country in the second quarter.

This was followed by Kenya, with 514 361 such attacks; Egypt with 492 532 attacks; Nigeria with 299 426 attacks; Rwanda with 68 931; and Ethiopia with 31 585.

“When summarising the results of the first quarter, we assumed that Covid-19 would be the main topic for spammers and phishers for the past few months. And it certainly happened. While there was the rare spam mailing sent out without mentioning the pandemic, phishers adapted their old schemes to make them relevant for the current news agenda, as well as come up with new tricks,” says Sidorina.

To attract attention, fraudsters forged emails and websites from organisations whose products or services could be bought by potential victims.

In the process of making these fake assets, fraudsters often did not even try to make the site appear authentic, states Kaspersky.

"The news agenda, following the Covid-19 outbreak, has already influenced the 'excuses' fraudsters use when asking for personal information. This included disguising their communications with unsuspecting users as delivery, postal, human resources and financial services."

"At the peak of the pandemic, organisations responsible for delivering letters and parcels were in a hurry to notify recipients of possible delays. These are the types of emails that fraudsters began to fake, with victims asked to open an attachment to find out the address of a warehouse where they could pick up a shipment that did not reach its destination.

"Another relatively original move used by fraudsters was a message containing a small image of a postal receipt. The scammers expected that the intrigued recipient would accept the attachment (which, although it contained ‘JPG’ in the name, was an executable archive) as the full version and decide to open it. The Noon spyware was found in mailings such as these examined by Kaspersky researchers."

Additionally, bank phishing attacks in the second quarter were often carried out using emails offering various benefits and bonuses to customers of credit institutions due to the pandemic. Emails received by users contained a file with instructions or links to get more details.

As a result, depending on the scheme, fraudsters could gain access to users’ computers, personal data or authentication data for various services.

Edited by Chanel de Bruyn
Creamer Media Senior Deputy Editor Online

Comments

The functionality you are trying to access is only available to subscribers.

If you are already a subscriber, you can Login Here.

If you are not a subscriber, you can subscribe now, by selecting one of the below options.

For more information or assistance, please contact us at subscriptions@creamermedia.co.za.

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION