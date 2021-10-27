Home office, shopping and social networks are top baits for phishing
The adoption of the home office and the arrival of the shopping season were the main focuses of criminals in the composition of phishing attempts during the second quarter of 2021. Companies in the sector, especially Microsoft and Amazon, appear prominently in a period in which social networks also gained prominence, with criminals targeting credentials theft and account hacking on platforms such as WhatsApp, Facebook and LinkedIn.
The survey was done by Check Point Research, provider of cybersecurity solutions, and showed little movement at the top, despite some interesting trends. Working from home and adopting hybrid regimes, even during the resumption, generated a significant drop in the detection rate of scams involving Microsoft, but not enough to take it off the top. The company was responsible for 13% of all brand phishing attempts — in the second quarter of 2021, they were 45%.
The number, of course, does not mean that the number of hits decreases, but that criminals have changed the emphasis. Proof of this is the increase in fraud involving Amazon, with 13% of detected scams and assuming the second position in place of delivery company DHL, which was third with 9%. The arrival of the end-of-year shopping season explains this movement, with the sector expected to show an even greater increase in the current quarter, in which Black Friday and Christmas take place.
Every day a summary of the main news in the tech world for you! The survey carried out between July and September this year also placed social networks, for the first time, among the three sectors most explored by brand phishing. Although WhatsApp, Facebook and LinkedIn appear in the bottom half of the list, together, scams involving companies account for 7.7% of all fraud attempts registered by Check Point, placing it alongside the retail sector and Google, with 6%, as the main segments targeted by criminals. For experts, this is a trick that goes hand in hand with the implementation of the home office. “Without a doubt it is an attempt to take advantage of the growing number of people who have started to work and communicate remotely. Attackers are constantly trying to innovate their attempts to steal personal data by posing as leading brands,” explains Omer Dembinsky, manager of Check Point’s data research group. Despite this increasing variation, the researchers point out the repetitive methods used by scammers, with emails that copy the appearance of actual communications, similar domains, or attempted contact through social media. Dembinsky points out that there is little that brands can do to combat such attempts, but that the attention of users themselves can prevent the scams from succeeding. Attention to file attachments, links and even message content is a good way to stay safe. According to Check Point, users should also exercise caution when disclosing personal data or filling out registrations, as well as entering credentials in fields that try to simulate the appearance of legitimate websites or social networks, but send the information to criminals. Warnings with alarming tones, spelling errors or missing signatures are also signs that the received message may be fraudulent. Did you like this article? Subscribe your email on Canaltech to receive daily updates with the latest news from the world of technology.
