Phishing: Targeting mainly financial sector customers

© Provided by P.ATHANASIADES & Co. SA

During the second quarter of 2018, “Kaspersky Lab” ‘s “anti-phishing” technologies prevented over 107 million attempts to visit “phishing” pages.

Of these attacks, 35.7% concerned financial services and targeted clients through false bank pages or payment pages. The IT sector was hit hardest by the time, with 13.83 attacks targeting technology companies, which rose by 12.28 percentage points over the previous quarter, according to “Kaspersky Lab” ‘s report “Spam and phishing in the second quarter of 2018”.

The above results show that in order to protect their money, users should be particularly careful with their safety when navigating the Internet.

The attacks on customers of financial institutions, including banks, payment systems and transactions via online shops, are a constant tendency to cybercrime and include stealing money and personal data. By creating fake pages that represent the original bank, payment or purchase websites, intruders collect sensitive information from unknown victims – such as their name, password, email addresses, phone numbers, credit card number and “PIN’ code.

In the second quarter of 2018, financial services users were upset, with 21.1% of the attacks involving banks, 8.17% online stores and 6.43% payment systems – exposing more than a third of the attacks overall.

© Provided by P.ATHANASIADES & Co. SA

Brazil remained the country with the largest share of users who have been attacked by “phishers” in the second quarter of 2018 (15.51%). Followed by China (14.44%), Georgia (14.44%), Kyrgyzstan (13.6%) and Russia (13.27%).

Interestingly, during the period from April to June, there were almost 60,000 attempts to visit fraudulent websites containing popular “purses” and “crypto-coins” transactions.

In addition to the known “phishing”, which helps in illegal access to accounts and private key information, digital criminals are trying to force their victims to transfer independent “crypto-coins” to them. One of the tricks is the free distribution of “crypto-coins”. Another trick of the scammers is to exploit the names of the new ICO projects to raise funds from potential investors. Using these two tricks, according to the rather rough estimates of “Kaspersky Lab”, in the previous quarter, the attackers managed to earn at least $ 2,329,317 without taking into account any revenue from classic “phishing“.

Other key findings in the report include:

Phishing:

• The main targets of “phishing attacks” have remained the same since the end of last year. They are mainly global gateways for the financial sector, including banks, payment services, and online shops.
• In comparison with the first quarter, the rate of attacks on financial institutions fell by 8.22 percentage points to 35.7%. However, IT companies added 12.28 percentage points. The share of attacks on these companies in the second quarter was 13.83 %.

Spam:

• In the second quarter of 2018, the number of unwanted messages (spam) peaked in May (51%). The average of “spam” in the global email was 50%, ie 2.16 percentage points lower than the average in the last quarter of 2017.
• China became the most popular source of “spam”, surpassing US and Germany.
• The country that was more targeted by malicious messages was Germany once again. Russia was in second place, followed by the United Kingdom, Brazil, and Italy.

The specialists of “Kaspersky Lab” advising users to take the following steps to protect them from “phishing”:

• Always check the “link address” and sender’s “email” before clicking on it
• Before clicking on any link, check whether the link that appears is the same as the actual “hyperlink” (the actual link that links you) – you can check it by placing the mouse over the link.
• Use only a secure connection, especially when you visit sites with sensitive data. As a minimum precaution, do not use unknown or public “Wi-Fi” that does not have a password. For maximum protection, use “VPN” solutions that encrypt your traffic. Remember: if you use an insecure connection, cybercriminals can invade you invisibly on phishing pages .
• To check the “HTTPS” connection name and the “domain”, when you open a website. This is especially important when using sites that contain sensitive data – such as e-banking sites, online stores, e-mail, social media sites, etc.
• Never share your sensitive data with third parties, such as login and passwords, bank card information, etc. Official companies will never ask for such data via email.
• Use a reliable security solution with “anti-phishing” technologies , such as Kaspersky Total Security, to detect and prevent “spam” and “phishing” attacks.

Source: www.pestaola.gr