By Adedapo Adesanya
The number of financial phishing attempts in the African regions increased significantly with Nigeria recording a 79 per cent jump in the second quarter of the year.
According to Kaspersky’s Financial Cyberthreats report, attacks in the financial sector are becoming increasingly corporate-oriented and shifting away from consumers as banks, payment systems, and e-commerce websites were attacked massively.
Imperfections in the transition to remote/hybrid work continue to pose a huge threat to businesses. On top of that, economic issues caused by the pandemic have further aggravated the problem. Driven by poverty and unemployment, cybercriminals have continually intensified malicious activities against customers and bank infrastructure.
Financial phishing is a deceptive way of stealing information and is gaining momentum in the region. Phishing is a type of online fraud where the scammer sends fake alerts from banks, e-pay systems and other organisations to trick consumers into sharing their financial details.
The alerts sent by the scammer can be related to loss of data, update credentials or system breakdown, which results in theft of passwords, credit card numbers, bank account details and other confidential information.
According to the Kaspersky telemetry, in Q2 of 2022, a total of 61,344 financial phishing attacks aimed at organisations were detected, an increase of 79 per cent compared to the first quarter.
Giving a breakdown, the largest share of attacks was mostly directed at e-commerce websites with 52 per cent, with payment systems hit by 42 per cent, while banks received about 6 per cent.
It was higher in Kenya, one of Africa’s booming economies, as a total of 100,192 financial phishing attacks aimed at organisations were detected in Kenya, a 201 per cent increase compared to Q1.
The largest share of attacks was directed at e-commerce websites (58 per cent), with banks (21 per cent) and payment systems (also 21 per cent).
Speaking on the report, Mr Emad Haffar, Head of Technical Experts at Kaspersky, said, “A life without the Internet is strange to us. So much so that our financial life is now digital. This is the magic of digitisation. But we also need to be aware of an unprecedented wave of challenges.
“Financial threats are one such challenge which is becoming more advanced in exploiting human behaviour and will only continue to grow. Businesses trying to stay ahead of such evolving, complex cyberattacks should make fraud prevention a focal point to control fraud transactions, eventually reduce fraud risk in the future and avoid reputation damage.”
Kaspersky highlighted certain recommendations to help businesses stay ahead of financial threats and phishing attacks, including companies needing to educate employees as they are considered the first line of cyber defence. This needs to be a continuous learning experience as well as teaching them about the red flags they need to keep an eye out for.
Similarly, organisations need to extend the dos and don’ts of cybersecurity to customers to protect themselves against phishing fraud.
It called on companies to capitalise on the Kaspersky Fraud Prevention solution, which proactively analyses and detects whether a customer’s device is infected with malware in real time.
Organisations were also charged to rely on Kaspersky Threat Intelligence to increase visibility and feed their security operations with advanced insights.