Kaspersky analysis has revealed that phishing attacks are becoming increasingly more targeted. A number of new tricks have also been found – from HR dismissal emails to attacks disguised as delivery notifications. As a result of such tendencies, security solutions have detected 2,578,501 phishing attacks in Egypt, UAE, Saudi Arabia, Qatar, Kuwait, Bahrain, and Oman. These and other findings are documented in Kaspersky’s new spam and phishing in Q2 2020 report.
Users in Saudi Arabia have been influenced the most by this type of threat: there were 973, 061 phishing attacks detected in 3 months. It was followed by (UAE 617,347), Egypt (492,532), Oman (193,379), Qatar (128,356), Kuwait (106,245), Bahrain (67,581).
As Kaspersky analysis has indicated, in Q2 2020, phishers increasingly performed targeted attacks, with most of their focus on small companies. To attract attention, fraudsters forged emails and websites from organizations whose products or services could be purchased by potential victims. In the process of making these fake assets, fraudsters often did not even try to make the site appear authentic.
The news agenda, following the COVID-19 outbreak, has already influenced the “excuses” fraudsters use when asking for personal information. This included disguising their communications with unsuspecting users as: Delivery services, Postal services, Financial services, HR services.
Kaspersky experts advise users to take the following measures to protect themselves from phishing:
• Always check online addresses in unknown or unexpected messages, whether it is the web address of the site where you are being directed, the link address in a message and even the sender’s email address, to make sure they are genuine and that the link in the message doesn’t hide another hyperlink.
• If you are not sure that the website is genuine and secure, never enter your credentials. If you think that you have may have entered your login and password on a fake page, immediately change your password and call your bank or other payment providers if you think your card details were compromised.
• Use a proper security solution with behavior-based anti-phishing technologies, which will warn you if you are trying to visit a phishing web page.