Social messaging apps like WatsApp and Telegram become choicest vehicles for staging phishing attacks: Kaspersky
Digital Edge Bureau 14 Jul, 2021 0 comment(s)Anonymized data, voluntarily provided by Kaspersky Internet Security for Android users, has shown which messenger apps are the most popular among phishing scammers. The biggest share of detected malicious links between December 2020 and May 2021 were sent via WhatsApp (89.6 percent), followed by Telegram (5.6 percent). Viber is in third place with a share of 4.7% and Hangouts has less than one percent. Countries experiencing the highest number of phishing attacks were Russia (46 percent), Brazil (15 percent) and India (7 percent). Globally, 480 detections were recorded per day.
According to research, messenger apps outstripped social networks by 20 percent in 2020, in terms of popularity among users, and became the most popular tool for communication. Survey results also show that in 2020, the global audience for messengers amounted to 2.7 billion people, and by 2023 it is expected to grow to 3.1 billion. That is almost 40 percent of the world’s population.
Kaspersky Internet Security for Android has added a new feature, Safe Messaging, which prevents users from opening malicious links that they receive in messenger apps (WhatsApp, Viber, Telegram, Hangouts) and through SMS.As a result, Kaspersky analyzed anonymized clicks on phishing links across messenger apps and found that between December 2020 and May 2021, 91,242 detections were recorded globally. According to the statistics, Kaspersky Internet Security for Android detected the biggest number of malicious links in WhatsApp, partly due to the fact that it is the most popular messenger globally. The biggest share of such messages was detected in Russia (42 percent), Brazil (17 percent) and India (7 percent).
“Statistics show that phishing in instant messenger apps is still one of the most popular tools among scammers. This is partly due to the wide popularity of these apps among the audience, as well as the ability to use the built-in functionality of applications to carry out attacks. Sometimes it can be difficult to determine whether an attack is phishing, as the difference can be just one character or a minor mistake. Vigilance combined with anti-phishing technologies form is a reliable tool in the fight against phishing in messenger apps,” comments Tatyana Shcherbakova, Senior Web Content Analyst at Kaspersky.
Among Kaspersky Internet Security for Android users, Telegram hadthe least amount of detections,but was similar in geography to WhatsApp. The biggest number of malicious links were detected in Russia (56 percent), India (6 percent) and Turkey (4 percent). High figures in Russia are probably due to the increased level of popularity of this messenger in the country.
Based on statistics, Viber and Hangouts received a smaller number of recorded detections. The key difference between them is regional representation. The biggest number of detects in Viber was identified mostly in Russia with 89 percent, and the CIS countries – Ukraine 5 percent and Belarus 2 percent, and the majority of Hangouts’ detections were from the USA (39 percent) and France (39 percent).
Tips for combating attacks
- Be vigilant and look for misspellings or other irregularities in links.
- A‘chain scheme’ is common practice, where a scammer asksa user to share the malicious link with his contacts which then looks legitimate to other users,as it is from a person they know. Be aware and don’t share any suspicious links with your contacts.
- Scammers often use WhatsApp and other messengers to communicate with users who were found on a legitimate resource (for example, various marketplaces and accommodation booking services) and also use them as a method of communication in malicious messages. Even if messages and websites look real,the hyperlinks, most likely, will have incorrect spelling, or they can redirect you to a different place.
- Even if a message or letter came from one of your best friends, remember that their accounts could also have been hacked. Remain cautious in any situation. Even if a message seems friendly, be wary of links and attachments.
- Install a trusted security solution and follow its recommendations. Security solutions will solve the majority of problems automatically and alert you if necessary.