The last quarter of the year is a fruitful time for cybercriminals, who prey on users rushing to get a good deal ahead of the holidays. Black Friday, Cyber Monday and the pre-Christmas shopping rush see growth not just in sales, but also in malicious activity.
Kaspersky researchers detected a 9.5% growth in financial phishing alone in the last quarter of 2019, with spam and scam activity also growing in numbers and variety. Ironically, the news comes as the world marks Safer Internet Day on 11 February.
With the holiday season over, analysis of the threat landscape during the period provides better understanding of changes in fraudulent activities. In 2019, the share of financial phishing continued to grow, surpassing over half (52.61%) of all phishing attempts in Q4.
Financial phishing dynamics in 2019
|Financial phishing total||43.19%||52.61%|
Phishing remains an effective way of luring users into handing over their personal data and credit card credentials to cybercriminals. Popular brands are most often used as bait. One of the examples discovered by Kaspersky was a fake Amazon page, offering users Christmas promotions so criminals could steal their Amazon Prime credentials.
Such scams often prove effective. The analysis of phishing activity using the eBay and Alibaba brand-names as bait showed significant growth just before big shopping holidays. Just a few days before Black Friday sales, the number of users trying to access eBay phishing pages grew four-fold, reaching over 8,000 attempts daily. These high levels of visits were retained until mid-December, with an additional peak a week before Christmas. A similar pattern was seen with phishing versions of the Alibaba website.
The number of blocked attempts to visit phishing versions of eBay (right) and Alibaba (left) by Kaspersky users
Spam emails also showed slight growth in the holiday season, but a significant diversification in topics. Criminal schemes varied from promises of Christmas donations, to scams with attempts to steal cryptocurrency, or malicious emails sent to organisations as fake urgent Christmas orders.
Such holiday-related scams and spam emails are not exclusive to the Christmas season alone. Users in South East Asia also received typical ‘gift offers’, but instead tied to Lunar New Year.
“The holiday season is a time for impulse purchases and rash decisions. Pressure to get a good deal or buy presents can mean that users are distracted, making it easier for cybercriminals to take advantage of them. The hope of securing an amazing gift at a fantastic price, especially at this time of year, is a hard one to break. Criminals capitalise on that hope all year long, with the end of the year an especially fruitful time for them. Of course, this does not mean that anyone should abstain from shopping ahead of the holidays – users just need to pay extra attention to their credit card payments. It is possible that a subscription or a delayed charge for a present for friends or family could turn out to be fraudulent, as criminals often do not use stolen data straight away” – comments Tatyana Sidorina, security analyst.
Read the full holiday season spam and phishing report on Securelist.com.
To stay safe from spam and phishing, follow this simple advice:
- If you receive a link to a great offer via email, make sure to check the embedded hyperlink – sometimes it may differ from the visible one. If it does, access the deal page directly through the legitimate website
- Only make purchases through official marketplaces and pay attention to the web addresses if you are redirected to them from other landing pages. If they differ from the official retailer, consider checking the offer you were redirected to by looking for it on the official web page
- Use a security solution with behaviour-based anti-phishing technologies, such as Kaspersky Security Cloud or Kaspersky Total Security, which will notify you if you are trying to visit a phishing web page
- Never use the same password for several websites or services, because if one is stolen, all your accounts will be made vulnerable. To create strong, hack-proof passwords without having the struggle of remembering them, use password managers, such as Kaspersky Password Manager
TikTok takes on COVID-19
The fastest growing social media platform in the world has also become an epicenter of public education about the coronavirus, attracting more than 30-billion views, writes ARTHUR GOLDSTUCK
The young have been getting a bad rap for wanting to party on while COVID-19 sends the world into lockdown. But a different movie is playing itself out on the social platform that is growing fastest among teenagers: TikTok.
Awareness campaigns by TikTok itself, collaboration with the International Red Cross, and spontaneous videos made by TikTok creators have combined into a barrage of information, education, awareness and social consciousness around the coronavirus.
Both globally and in South Africa, TikTok’s COVID-19 campaigns have gone viral.
The local #HayiCorona challenge, designed to remind people not to touch their face and wash hands regularly, has passed 1.5-million views. The TikTok collaboration with the International Red Cross, the #WashingHands challenge, has passed 12.6-million views.
One of the best-known participants in these challenges is the past year’s icon of South African talent, the Ndlovu Youth Choir, took up the global challenge with a 20-second hand-washing video. It put together a performance that brings tremendous energy to what can be a clichéd message, and ends with a punt for the Department of Health’s WhatsApp information service. The video can be viewed below.
“On a global scale, TikTok also partnered with the World Health Organization (WHO) to ensure that, while creators are still having fun and expressing themselves on the platform, they stay informed with COVID-19 information coming from a reliable source,” a TikTok spokesperson told us. “Through the partnership, the WHO has created an informational page on TikTok that offers information to curb the spread of the coronavirus as well as dispelling myths.”
The page can be viewed at https://vm.tiktok.com/GHTEGf
TikTok has hosted a number of livestreams with WHO experts, attracting users from more than 70 countries, tuning in for live question and answer sessions. It has also introduced labels on coronavirus-related videos, to point users to trusted information. Resources are also offered directly in the app and in a dedicated COVID-19 section of TikTok’s Safety Center, at https://www.tiktok.com/safety/resources/covid-19.
If users simply want to explore videos on the topic, they can search via the #coronavirus hashtag, or click on https://vm.tiktok.com/swKbn4. The hashtag has had an astonishing 33.8-billion views, indicating the scale of activity and interest around the topic on the platform.
Read more on the next page about how South Africans have embraced the campaign.
On World Backup Day: backup, backup, backup
It was World Backup Day yesterday, 31 March, at a time when business continuity is threatened as never before. That makes calls for protecting email and defending against ransomware all the more urgent.
The global coronavirus pandemic has brought into stark relief many organisations’ lack of business continuity plans and policies. With more than two billion people around the globe in forced lockdown in wide-ranging government efforts to stem the tide of infections, an unprecedented number of employees are working remotely.
This interruption to the normal way of work is precisely what an effective and resilient business continuity strategy should plan for, says Heino Gevers, cybersecurity specialist at Mimecast.
“Companies need uninterrupted access to critical business applications during times of disruption, including safe and secure web and email access for workers that are now operating outside the normal perimeters of the organisation,” he says. “In addition, comprehensive backup and archiving solutions should be ready to restore access to critical business applications should there be any unplanned downtime to ensure continuity until the crisis passes.”
According to Gevers, the current global crisis is likely to push business continuity up the list of priorities for many organisations that have been disrupted by the effects of the coronavirus.
“Organisations are facing new challenges to their productivity; for example in terms of technical support. If a remote user is infected with malware or ransomware, how does the IT team restore that device or do any remediation without being able to physically access it?”
Gevers advises that organisations implement tools that enhances the data protection capabilities of commonly-used tools such as Office365 and can leverage archived data to provide quick recovery of email data in the event of accidental loss, malicious attacks or technical failure.
“As adoption of cloud-based business applications grow in the wake of forced lockdowns around the globe, companies need to ensure they have the tools to recover in any situation,” he says. “This includes a data management strategy that combines archiving, backup and data protection capabilities to allow for quick restoration of critical systems and applications in the event of disruption.”
Jasmit Sagoo, head of technology at Veritas for the United Kingdom and Ireland, warns that this is a golden age for cybercriminals looking for ransomware opportunities.
“As the global cost of ransomware continues to grow, this World Backup Day,
Veritas is saying: ‘don’t pay up, back up!’,” he says. “Ransomware is
said to generate an estimated annual revenue of $1 billion a year, and
companies who are not consistent in backing up their data are allowing
criminals to line their pockets.
“Ransomware attacks exist only because some businesses can’t survive unless the hackers give them back their data. So, the key to survival is removing that reliance and being able to regain access to data, without engaging with the cybercriminals. The best way to do that is with a sound backup strategy.
“Sagoo advises organisations to create isolated, offline backup copies of their data to keep it out of reach of any attackers. They then need to proactively monitor and restrict backup credentials, while running backups frequently to shrink the risk of potential data loss. Businesses should also test and retest their ransomware defences regularly.
“Ransomware strikes without warning and it doesn’t discriminate between its targets – it can happen to any organisation, large or small. Despite their best efforts, most companies will fall to at least one attack. What distinguishes one victim from another is the ability to bounce back, which ultimately depends on its backup strategy.
“When ransomware hits, organisations that aren’t prepared often feel helpless to do anything other than to submit to their attacker’s demands. That’s why we’re urging all businesses to use World Backup Day as a catalyst to get ahead of the situation and get their data protected.”