Malicious URLs surge in SA

Staff Writer
By Staff Writer, ITWeb
Johannesburg, 22 Nov 2021

The number of unique malicious URLs detected in SA for the second quarter of 2021 has increased to 6.8 million compared to the 5.7 million found in the previous quarter − a 19% increase.

On the positive side, the number of Web threats blocked in SA decreased to 15.4 million from the 17.3 million detected in the same time frame.

These were two of the findings of Kaspersky’s threat evolution report, which says that globally, close to 1.7 billion Web threats were blocked in the same period, an increase of 87% when compared to the previous year.

The report is based on the threats that were detected or prevented by the company's anti-malware solutions. It also revealed that the company saw more than 674 million unique URLS as malicious, a significant jump from the 286 million of the year before.

An evolving landscape

According to Bethwel Opil, enterprise sales manager at Kaspersky in Africa, the threat landscape is evolving as more sophisticated technology becomes available.

“The significant increase of malicious URLs in SA also indicates how phishing and related malware have grown in popularity by threat actors who are targeting people working outside of the relative safety of the office network,” he adds.

Web threats cover a broad spectrum of attacks, including phishing and malware.However, other threats, like offline data theft, can also be considered part of this group. 

In fact, over 30 million Web threats were seen across SA, Kenya, and Nigeria combined between April and June this year. Financial threats emerged as a cause for concern worldwide with at least one piece of banking malware being blocked on the computers of 119 252 unique users during Q2 2021.

Although SA accounted for only 0.4% of the global risk when it comes to financial threats, local users must be mindful of how increasingly targeted these attacks have become. For example, bad actors are using social engineering and other tactics to develop more personalised attacks against executives and government leaders.

Mobile threats

On the mobile side, globally and during the same time period, 14 465 672 malware, adware and riskware attacks were prevented, and the security giant found that the largest share of all detected threats accrued to RiskTool programs, 38.48%.

A RiskTool is a program with various functions including concealing files in the system, hiding the windows of running applications, or terminating active processes. This group includes crypto-currency miners that generate coins using the target device’s resources.

Opil says: “Of course, there are a variety of Web security threats in the market. They typically include human and technical manipulation to attack. Some of the most common web threats include social engineering, malicious code, exploits, and cyber crime.”

The main tool behind browser-based infections is the exploit pack – which gives attackers a route to infecting machines that either have no security solution installed or have a commonly used operating system or application that is vulnerable because the user has not applied the latest updates.

To lower the risk of Web threats, users should create backups of their data, and enable multi-factor authentication to introduce additional layers of user authentication on top of traditional passwords.

In addition, regular scans for infections should be carried out, and tools, software, and operating systems must be kept up to date, ends Opil.