Kaspersky, a cybersecurity company, has found that about 300,000 Nigerian Small and Medium Enterprises witnessed phishing attacks in the second quarter of 2020. This was disclosed in the Kaspersky’s new spam and phishing in Q2 2020 report.
The report also revealed that a number of new tricks have also been found – from HR dismissal emails to attacks disguised as delivery notifications. As a result of such tendencies, the report detected 2,023,501 phishing attacks in South Africa, Kenya, Egypt, Nigeria, Rwanda and Ethiopia.
Phishing is one of the oldest and most flexible types of social engineering attacks. They are used in many ways, and for different purposes, to lure unwary users to the site and trick them into entering personal information. The latter often includes financial credentials such as bank account passwords or payment card details, or login details for social media accounts.
Breakdown of most influenced nations
- South African users have been influenced the most by this type of threat: there were 616,666 phishing attacks detected in 3 months in the Nelson Mandela country.
- Kenya 514,361 phishing attacks
- Egypt 492,532 phishing attacks
- Nigeria 299,426 phishing attacks
- Rwanda 68,931 phishing attacks
- Ethiopia 31,585 phishing attacks
Phishing is a strong attack method because it is done at such a large scale. By sending massive waves of emails under the name of legitimate institutions or promoting fake pages, malicious users increase their chances of success in their hunt for innocent people’s credentials. The first six months of 2020, however, have shown a new aspect to this well-known form of attack.
SMEs are main targets
As Kaspersky analysis has indicated, in Q2 2020, phishers increasingly performed targeted attacks, with most of their focus on small companies. To attract attention, fraudsters forged emails and websites from organisations whose products or services could be purchased by potential victims. In the process of making these fake assets, fraudsters often did not even try to make the site appear authentic.
Once a fraudster has gained access to an employee’s mailbox, they can use it to carry out further attacks on the company the employee works for, the rest of its staff, or even its contractors.
The news agenda, following the COVID-19 outbreak, has already influenced the “excuses” fraudsters use when asking for personal information. This includes disguising their communications with unsuspecting users as:
Delivery services: At the peak of the pandemic, organisations responsible for delivering letters and parcels were in a hurry to notify recipients of possible delays. These are the types of emails that fraudsters began to fake, with victims asked to open an attachment to find out the address of a warehouse where they could pick up a shipment that did not reach its destination.
Postal services: Another relatively original move used by fraudsters was a message containing a small image of a postal receipt. The scammers expected that the intrigued recipient would accept the attachment (which, although it contained ‘JPG’ in the name, was an executable archive) as the full version and decide to open it.
Financial services: Bank phishing attacks in the second quarter were often carried out using emails offering various benefits and bonuses to customers of credit institutions due to the pandemic. Emails received by users contained a file with instructions or links to get more details.