MANAMA: Attacks related to data loss threats (phishing and scam/social engineering) shot up by 188 per cent in Bahrain during Q2-2022 when compared with the previous quarter, shows analysis by Kaspersky.
The Russian cyber-security firm said it detected 735,244 phishing attacks in the kingdom in Q2.
Social engineering which is sometimes called ‘human hacking’ is used in many ways, and for different purposes, to lure unwary users to the site and trick them into entering personal information.
The latter often includes financial credentials such as bank account passwords or payment card details, or login details for social media accounts. In the wrong hands, this opens doors to various malicious operations, such as money being stolen or corporate networks being compromised.
Phishing is a strong attack method because it is done at a large scale.
By sending massive waves of emails under the name of legitimate institutions or promoting fake pages, malicious users increase their chances of success in their hunt for innocent people’s credentials.
Phishers deploy a variety of tricks to bypass e-mail blocking and lure as many users as possible to their fraudulent sites.
A common technique is HTML attachments with partially or fully obfuscated code. HTML files allow attackers to use scripts, obfuscate malicious content to make it harder to detect, and send phishing pages as attachments instead of links.
In particular, while the vacation season is high, scammers are trying to lure travellers who are looking for interesting places to go, cheap places to stay and reasonably priced flights.
Kaspersky researchers have observed intensified scamming activities, with numerous phishing pages distributed under the guise of airline and booking services. The number of attempts to open phishing pages related to booking and airline services in the first half of 2022 was 4,311 in the META region.
“Planning a vacation is not easy. People can spend weeks, even months, looking for the perfect place to stay and the tickets to get them there. Fraudsters use this to lure users that have grown tired of searching for great deals. After two years of flight restrictions imposed by the pandemic, travelling is back. But so are travel scams – with intensified scamming activity targeting users through fake booking and rental services. Such attacks are totally preventable, which is why we urge users to be sceptical about overly generous offers. If an offer seems too good to be true, it probably is,” commented Mikhail Sytnik, security expert at Kaspersky.
Meanwhile, Bahrain-based respondents to a survey done by Kaspersky said 64pc of them faced phishing scams when using online banking or mobile wallet services.
Six out of 10 said they have personally encountered fake websites, and three out of four admitted facing scams (via texts or calls) using social engineering.
When asked about awareness of threats against digital payment methods, the majority of respondents reported that they are aware of both the financial phishing attacks (84pc) and online scams (86pc).
As many as 81pc also stated that they are informed about banking malware on PCs and on mobile. This type of malicious software steals money from users’ bank accounts.
However, an overwhelming number (91pc) of respondents thought that banks and payment companies should educate users more about the threats online.
The Kaspersky Digital Payment survey studied human interactions with online payments. It also examined attitudes towards them, which hold the key to understanding the factors that will further drive or stem the adoption of this technology.
The study was conducted by research agency Toluna across the Middle East, Turkey, South Africa, and Nigeria. Survey responses were gathered in February-March 2022 with a total of 2,004 respondents surveyed across the stated countries.
avinash@gdnmedia.bh
&uuid=(email))