Phishing scams leap 234% in Africa  

Attacks related to data loss, such as phishing and social engineering, skyrocketed in Africa in Q2 2022, growing by 234% in comparison with the previous quarter.

So says Kaspersky, whose security solutions detected a whopping 10 722 886 phishing attacks across the continent in Q2.

Kenyan users have been affected the most by this type of threat  there were 5 098 534 phishing attacks detected in thee months, a growth of 438% when compared to the previous quarter. It was followed by SA with 4 578 216 detections and a growth of 144%, and Nigeria with 1 046 136 detections, or a growth of 174%.

Social engineering, also known as 'human hacking', is employed in a variety of ways, and for different purposes. It is mostly used to lure users to a specific site and fool them into entering personal information used to opens doors to various malicious operations, including compromising corporate networks.

Phishing is a successful attack method because it adopts a mud-against-the-wall approach. By sending massive waves of e-mails under the name of legitimate institutions or promoting fake pages, malicious actors increase their chances of success. Phishers use a range of tricks to bypass e-mail blocking and lure as many users as possible to their sites. A common technique is HTML attachments with partially or fully obfuscated code. These files enable attackers to use scripts, obfuscate malicious content to make it harder to detect, and send phishing pages as attachments instead of links.

Open season

After two years of flight restrictions imposed by the pandemic, travelling is back. But so are travel scams – with intensified scamming activity targeting users through fake booking and rental services, warns Mikhail Sytnik, a security expert at Kaspersky.

When planning a holiday, people spend weeks or even months looking for the perfect place to stay and the tickets to get them there,  says Sytnik, and fraudsters use this to lure users that have grown tired of searching for great deals.

Kaspersky's researchers have observed intensified scamming activities, with numerous phishing pages distributed under the guise of airline and booking services. The number of attempts to open phishing pages related to booking and airline services in the first half of 2022 was 4 311 in the META region.

Sytnik says these attacks are totally preventable, which is why Kaspersky urges users to be skeptical about overly generous offers. “If an offer seems too good to be true, it probably is.”

See also