In 2022, Kaspersky’s “anti-phishing system” prevented more than 500 million attempts to access fake websites; twice as many as in 2021. Delivery services, messenger platforms and cryptocurrency services were the means which were most often exploited to deceive victims through “phishing” attacks. These are some of the findings found in Kaspersky’s new “Spam” and “Phishing” report for 2022.
Although “spam” and “phishing” attacks are not necessarily technologically sophisticated, their configuration is based on sophisticated social engineering tactics, making them extremely dangerous for those who cannot recognize them. Fraudsters are capable of creating “phishing” websites that look identical to real ones, using them to extract sensitive information or scam people and businesses out of money. Kaspersky experts discovered that, throughout 2022, cybercriminals turned more and more to “phishing”. In 2022, the company’s “anti-phishing system” successfully blocked 507,851,735 attempts to access malicious content, double the number of attacks prevented in 2021.
Users of delivery services were the most frequent victims of “phishing” attacks, accounting for 27.38% of all attempts prevented. Scammers send fake “emails” pretending to be from well-known delivery companies and claiming there is a problem with a delivery. The “email” includes a link to a fake website, which asks for personal or financial details. If the victim does not recognize the fraud, they may unwittingly share their identification and banking details, which are then sold on dark web sites. Other popular targets of phishing attacks are online stores (15.56%), payment systems (10.39%) and banks (10.39%). Distribution of organizations targeted by “phishers” within 2022, by category.
Kaspersky experts also identified another strong trend in the “phishing” landscape for 2022: an increase in attacks carried out via “messenger” applications, with the majority of blocked attempts coming from “WhatsApp” (82.71%), “Telegram” (14.12%) and “Viber” (3.17%).
Cybercriminals are increasingly targeting social media accounts, taking advantage of people’s curiosity and need for privacy. They use tactics like offering fake updates and verified account statuses to get users to share their login details. An example of a “phishing” page that mimics a social media notification.
In addition, according to experts, cybercriminals continue to exploit people’s fears and anxieties related to the pandemic, as well as use cryptocurrency scams to extract sensitive information. These scammers take advantage of people’s fears and anxieties to steal their sensitive information.
“”Phishing” is one of the most prevalent and devastating threats in the cyber security landscape, as “phishing” pages are often the first step in a series of cyber threats that can lead to the loss of personal data, money and reputation of both individuals as well as businesses. It is vital for everyone to understand the threat and take steps to protect themselves.”
according to Olga Svistunova, security expert at Kaspersky.
In order to avoid falling victim to “spam” or “phishing” scams, Kaspersky experts recommend the following:
- Only open “emails” and click on links if you are sure you can trust the sender. When a sender exists, but the content of the message seems strange, it is worth performing a verification check through an alternative communication channel with the sender.
- Check the spelling of a website’s “URL” if you suspect it is a “phishing” page. If so, the “URL” may contain errors that are hard to spot at first glance, such as “1” instead of “I” or “0” instead of “O”.
- Use a proven security solution when surfing the web. Thanks to access to a global intelligence base on the threat landscape, these solutions are able to detect and block “spam” and “phishing” campaigns.
Read more about “Spam” and “Phishing” in 2022 in the report published on “Securelist.com”.
(Συνολικές Επισκέψεις: / Total Visits: 15)
(Σημερινές Επισκέψεις: / Today's Visits: 1)