Which messenger apps do attackers prefer?
The greatest number malicious links between December 2020 and May 2021 were sent via WhatsApp (84.9%), followed by Telegram (5.7%), Viber with 4.9% and Hangouts with less than 1%.
This was revealed by anonymised data, voluntarily provided by Kaspersky Internet Security for Android users.
According to Kaspersky, WhatsApp was number one because it is the most popular messenger globally. The greatest share of malicious messages were detected in Russia (42%), Brazil (17%) and India (7%).
Telegram had the least amount of detections, but was similar in geography to WhatsApp, with most malicious links were detected in Russia (56%), India (6%) and Turkey (4%).
Based on statistics, Viber and Hangouts received a smaller number of recorded detections, with the key difference between them, being regional representation. The largest number of detects in Viber were identified in Russia with 89%, and the CIS countries − Ukraine 5% and Belarus 2%, and the majority of Hangouts’ detections were from the USA (39%) and France (39%).
The data also showed that the countries experiencing the highest number of phishing attacks were Russia (46%), Brazil (15%) and India (7%). Globally, 480 detections were recorded per day.
Research by Spectrm, a conversational marketing automation platform, highlighted how messenger apps outstripped social networks by 20% last year, in terms of popularity among users, and became the most popular tool for communication.
Another survey by Statista, revealed that in the same year, the worldwide audience for messengers numbered 2.7 billion people, and by 2023 it is expected to grow to 3.1 billion, nearly 40% of the world's population.
Tatyana Shcherbakova, senior Web content analyst at Kaspersky, says statistics show that phishing in IM apps remain one of the most popular tools among scammers.
This is due in part, to the wide popularity of these apps, as well as the ability to use the built-in functionality of applications to carry out attacks.
“Sometimes it can be difficult to determine whether an attack is phishing, as the difference can be just one character or a minor mistake. Vigilance combined with anti-phishing technologies form a reliable tool in the fight against phishing in messenger apps,” Shcherbakova adds.
To reduce the risk of falling foul of these scams and phishing attempts, Kaspersky advises to be vigilant and look for misspellings or other irregularities in links. Also, beware of ‘chain schemes’ where scammers ask users to share malicious links with their contacts which then appear legitimate to other users, as they originate from an individual they know.
“Be aware and don’t share any suspicious links with your contacts.”