Phishing attacks, in which a message is sent to a person to try to get them to open a link and hand over details or information to a fake website or application, have surged in Israel during the second quarter of 2020. According to data compiled by cyber company Kaspersky, there were 896,479 cases in which people clicked on the link leading to malware. This figure marks a 60% increase over the first-quarter numbers and is three times the number of phishing attacks registered in the same time period last year.
Experts at Kaspersky explain that the coronavirus (Covid-19) pandemic is largely to blame for the increase in Israel, which goes counter to global trends, which actually saw a 10% decrease in attempts from the first quarter of the year. The reason for the discrepancy is likely related to the fact that most countries saw a gradual return to normal, pre-outbreak patterns, during the course of the last three months while Israel is in the midst of a second wave and has been categorized as a ‘red state.’
Most phishing attacks take advantage of the public gloom brought about by the Covid-19 restrictions. The volume of email malware, another method of hacking, for example, was very high in countries where the pandemic is still active such as Russia, Spain, and Brazil. In terms of world-wide phishing data, it seems that the leading country in terms of attempts is Venezuela, where almost 18% of internet users have received phishing messages. Other leading countries on the list include Portugal, Tunisia, France, and Brazil.
The main victims of phishing attacks in the business world are online stores and traders, web-based portals, and banks. Social media networks, to much surprise, were relegated to fourth place. Phishing attacks are most often designed to gain access to usernames and passwords, access to internal systems that allow goods to be stolen, or industrial espionage. Banks are also considered an elite target and access details for their internal systems are traded at very high prices in hacker chat rooms.
Phishing attacks are meant to mimic legitimate emails or text messages. It is not always about trying to get users to type in personal details or access information. There are also campaigns that send a text message with a link that dials a call to a hotline, that charges hundreds of shekels per minute. Such a campaign was spotted in Israel in which phony text messages offered a connection to an erotic dating service. Pressing a link that promises the user such an experience activates the dialing. Israeli phone service providers have reportedly blocked the troubling number.
In order to cope with the challenges of phishing attacks, it is important to follow a few general guidelines: pay close attention to the spelling of the email accounts or websites that are linked. In fake messages, they will always appear in an unfamiliar format or with spelling mistakes; when in doubt, don’t click on the link. In addition, pay attention to the nature of the message, online services or apps will never ask you for things like passwords or personal details beyond those you submitted at registration. If you think you have been conned, immediately change your usernames and passwords. Hackers are capable of operating very quickly and in some cases, the attacks are conducted by automated systems that don’t even require a human operator.