Khaleej Times, Aug 7, 2022 | Muharram 9, 1444
UAE: 3.4 million phishing attacks detected in second quarter of year
Phishing and scam activities have hit the roof in UAE with a 230 per cent
increase in the number of detections during the second quarter of 2022.
Cyber security experts' Kaspersky analysis has revealed that attacks related to
data loss threats, phishing and scam or social engineering, have increased
significantly in the second quarter of 2022 at 230 per cent in comparison with
the previous quarter in the UAE.
Moreover, the company’s security solutions detected a whopping 3,481,419
phishing attacks in the UAE in Q2.
Mikhail Sytnik, a security expert at Kaspersky said, “According to Kaspersky
data, most of the Middle East countries saw a staggering increase in attacks
related to data loss threats by 159 per cent in the second quarter of 2022 with
15,012,880 phishing scam detections.”
The highest targeted country was Saudi Arabia with 5,808,946 phishing attacks, a
growth of 168 per cent.
Higher risks during vacations
Sytnik said, “In particular, while vacation season is high, scammers are trying
to lure travellers who are looking for interesting places to go, cheap places to
stay and reasonably priced flights.”
Cyber security researchers have observed intensified scamming activities, with
numerous phishing pages distributed under the guise of airline and booking
services. The number of attempts to open phishing pages related to booking and
airline services in the first half of 2022 was 4,311 in the META region.
“Planning a vacation is not easy. People can spend weeks, even months, looking
for the perfect place to stay and the tickets to get them there. Fraudsters use
this to lure users that have grown tired of searching for great deals,” he said.
“After two years of flight restrictions imposed by the pandemic, travelling is
back. But so are travel scams – with intensified scamming activity targeting
users through fake booking and rental services. Such attacks are totally
preventable, which is why we urge users to be sceptical about overly generous
offers. If an offer seems too good to be true, it probably is,” Sytnik stated.
What is social engineering?
Sytnik said social engineering, sometimes called ‘human hacking’ scams, is used
to lure unwary users to the site and trick them into entering personal
information.
“The latter often includes financial credentials such as bank account passwords
or payment card details, or login details for social media accounts,” he said.
In the wrong hands, this opens doors to various malicious operations, such as
money being stolen or corporate networks being compromised.
“Phishing is a strong attack method because it is done at a large scale. By
sending massive waves of emails under the name of legitimate institutions or
promoting fake pages, malicious users increase their chances of success in their
hunt for innocent people’s credentials,” Sytnik added.
Phishers deploy a variety of tricks to bypass e-mail blocking and lure as many
users as possible to their fraudulent sites. “A common technique is HTML
attachments with partially or fully obfuscated code. HTML files allow attackers
to use scripts, obfuscate malicious content to make it harder to detect, and
send phishing pages as attachments instead of links,” he explained.
How to keep yourself protected?
-
Carefully look at the address bar before entering any sensitive
information, such as your login details and password. If something is
wrong with the URL (i.e. spelling, it doesn’t look like the original or
it uses some special symbols instead of letters) don’t enter anything on
the site. If in doubt, check the certificate of the site by clicking on
the lock icon to the left of the URL.
-
Not clicking on links that come from unknown sources (either through
e-mails, messaging apps or social networks).
-
Visiting the business’ official website if you see a giveaway offered in
e-mail or on social media by a travel company or an airline to confirm
the giveaway exists. You should also carefully check the links the
giveaway ad leads you to.