Technology
Nigeria, S/Africa, Others Record 2 million Phishing Attacks
By Adedapo Adesanya
Internet security solutions giant, Kaspersky, has revealed that phishing activities were diversified as it intensified during the COVID-19 outbreak lockdown with over two million attacks in the second quarter recorded in Africa.
These and other findings were documented in Kaspersky’s new spam and phishing in Q2 2020 report.
According to the analysis, a number of new tricks have also been found – from HR dismissal emails to attacks disguised as delivery notifications. As a result of such tendencies, security solutions detected 2,023,501 phishing attacks in South Africa, Kenya, Egypt, Nigeria, Rwanda and Ethiopia.
Phishing is one of the oldest and most flexible types of social engineering attacks. They are used in many ways, and for different purposes, to lure unwary users to the site and trick them into entering personal information. The latter often includes financial credentials such as bank account passwords or payment card details, or login details for social media accounts.
In the wrong hands, this opens doors to various malicious operations, such as money being stolen or corporate networks being compromised. This makes phishing a popular initial infection method.
Phishing is a strong attack method because it is done at such a large scale. By sending massive waves of emails under the name of legitimate institutions or promoting fake pages, malicious users increase their chances of success in their hunt for innocent people’s credentials.
Kaspersky noted that the first six months of 2020, however, have shown a new aspect to this well-known form of attack.
According to sampled countries, South African users have been influenced the most by this type of threat: there were 616,666 phishing attacks detected in three months. It was followed by Kenya (514,361), Egypt (492,532), Nigeria (299,426), Rwanda (68,931) and Ethiopia (31,585).
In the Q2 analysis, Kaspersky noted that phishers increasingly performed targeted attacks, with most of their focus on small companies. It noted, “To attract attention, fraudsters forged emails and websites from organisations whose products or services could be purchased by potential victims. In the process of making these fake assets, fraudsters often did not even try to make the site appear authentic.”
According to the firm, these fraudsters leveraging on the coronavirus pandemic disguised communications with unsuspecting users ranging from delivery, postal, financial, and HR services.
Commenting on this, Ms Tatyana Sidorina, a security expert at Kaspersky noted, “When summarising the results of the first quarter, we assumed that COVID-19 would be the main topic for spammers and phishers for the past few months. And it certainly happened.
“While there was the rare spam mailing sent out without mentioning the pandemic, phishers adapted their old schemes to make them relevant for the current news agenda, as well as come up with new tricks,” she added.
Kaspersky experts then advised users to take the following measures to protect themselves from phishing. These include: checking online addresses in unknown or unexpected messages; never entering credentials on non-secure or ingenuine websites, and using a proper security solution with behaviour-based anti-phishing technologies.
By Adedapo Adesanya
The number of active internet subscribers in Nigeria increased by 0.62 per cent year-on-year in the first quarter of 2022 to 145.9 million from the 145.0 million achieved in the same period of last year.
In the Telecoms Data: Active Voice and Internet per State, Porting and Tariff Information report for Q1 2022 released by the National Bureau of Statistics (NBS), the slow growth was attributed to the inability of Nigerians to buy and register new SIM cards following directives from the federal government to halt the sale of new cards over security measures as well as the directive that all SIM cards must be linked to a National Identification Number (NIN).
The report showed that Lagos State stood top for active internet subscriptions with a total of 17,839,569 subscribers in the period under review, closely followed by Ogun State with 8,538,812 and Kano State with 8,364,587.
“On the other hand, Bayelsa had the least with 1,043,059, followed by Ebonyi and Ekiti with 1,230,081 and 1,373,888 respectively.”
The report showed that MTN, which has the largest market share in the country’s telecommunication sector, had the highest number of subscriptions in the period under review, followed by Glo and Airtel in second and third places respectively.
It was also confirmed that a total of 199,558,540 active voice subscribers were recorded in Q1 of 2022, a 3.7 per cent rise compared to 192,413,613 that it recorded in Q1 of 2021.
On a quarter-on-quarter basis, the report showed growth stood at 2.1 per cent.
On state analysis, the report showed that Lagos also had the highest number of active voice subscribers in Q1 of 2022 with 24,226,878, followed by Kano with 11,666,630 and Ogun with 11,537,006.
The report showed that Bayelsa state had the least with 1,445,123, followed by Ekiti state with 1,786,160 subscribers.
Cybercrime is nothing new in Nigeria. Part of youth culture for decades, criminal enterprises have spread across the country.
In 2020, Nigeria ranked 16th highest in the world for international cybercrimes, by the FBI. However, Nigeria ranked 47th on the Global Cybersecurity Index, showing a vast disparity between the volume of cybercrime, and the effectiveness of Nigeria’s cybersecurity.
To understand this divide, it’s important to understand where cybercrime originated in the country.
Let’s investigate…
A brief history of cybercrime in Nigeria
The roots of cybercrime culture in Nigeria date as far back as the 1980s. In those early days, Nigerian youth mainly perpetrated cybercrime through email scams.
Known colloquially as the “yahoo yahoo” business, “yahoo boys” use social engineering tactics to con their victims into sending them money. The fraudsters often use emotional pressure points or promises of high returns.
The Nigerian government took a blow in 2020 when hacker collective Anonymous declared cyberwar against them. They hacked the database of the Central Bank of Nigeria and police websites on behalf of the #ENDSARS movement.
Biggest threats to Nigeria’s cybersecurity
The landscape of global cyber threats shifts regularly. However, recent years have shown a rise in the popularity of certain types of cybercrime in Nigeria.
Social engineering tactics
Arguably the oldest cybercrime in Nigeria, social engineering continues to be a favourite of Nigerian cybercriminals. These tactics often include heartfelt backstories, pleas for help, and the promise of love, or return on investment — all via email.
These tactics play on victims’ emotions and vulnerabilities. Those who’ve been successful with these scams live frivolous lifestyles. “Yahoo boys” with fancy cars and clothes have also become role models for young people desiring the same lifestyle.
Phishing websites
Chances are you’ve ended up on a site like this before. Sometimes they pose as legitimate sites but are almost always just an attempt to collect data, or install viruses. Phishing sites are hugely popular in Nigeria as it goes hand in hand with email scams.
You only need to click on a dangerous link before a fraudster can view your data. This is where using a VPN for PC is essential. Virtual Private Networks (VPN) hide your browsing and location data from malicious phishing websites.
Insider collaboration
A significant area of concern for Nigerian businesses is insider collaboration. This occurs between criminals and employees. Fraudsters have often sent out open requests for anyone willing to cause damage to their employer for payment.
This is quite hard to track too, as hackers use valid credentials to access secure networks. Keeping logs of activities within the network can help to find leaks. This can also help to spot malicious activity in the future.
Cybersecurity vulnerabilities of third parties
One of the biggest concerns for Nigerian businesses is the security of third parties. Even if your business is a fortress, a poorly protected third-party can bring the castle tumbling down.
This is especially troubling to Nigerian businesses operating globally. More third parties mean more vulnerabilities. Only work with trusted clients and expand the scope of your cybersecurity to those you work with.
Deepfake technology
A hot-button issue in Nigeria at the moment, deepfake fraud is more common than ever. Deepfake technology is the life-like reanimation of an individual’s face, meaning you can make anyone say anything.
Unfortunately, deep-fake is only getting better. In 2018, Nigerian President Muhammadu Buhari was featured in a deepfake video. The video became so viral that the President was prompted to make a statement dismissing the video as a fake.
How Nigeria is fighting back
Policing against cybercrime in Nigeria has been inadequate for decades. Only recently has the government declared significant steps in its plan to fight the rising issue of cybercrime.
Nigeria introduces the National Cybersecurity Policy and Strategy (NCPS)
In 2021, Nigeria implemented the NCPS, which indicated cybercrime as a leading threat to Nigeria and its economy. The NCPS represents an attempt to safeguard Nigeria’s digital economy, by strengthening the country’s legal and regulatory framework.
Also ongoing is the development of the National Cybersecurity Coordination Centre (NCCC). The NCCC would ensure clear communication and a well-developed response to cybercrime across Nigeria.
Efforts like these are projected to boost cyber protections and cybersecurity awareness. While work is still ongoing, the future of cybersecurity in Nigeria looks bright.
Conclusion
Although it has been a mainstay for years, cybercrime is now starting to be taken seriously in Nigeria.
Being uncontrolled for so long, cybercrime has been able to grow steadily.
By embracing modern cybersecurity practices, Nigeria might finally rid itself of its unwanted cybercriminal image.
By Aduragbemi Omiyale
The latest edition of the Ericsson Mobility Report has predicted that 5G subscriptions will hit one billion this year and 4.4 billion in 2025, with North America expected to lead in the next five years with 9 of every 10 subscriptions in the region to be 5G by 2027.
The report, which is the 22nd of Ericsson’s network traffic insights and forecasts, also revealed that global mobile network data traffic doubled in the past two years, driven by increased smartphone and mobile broadband usage, as well as the digitalization of society and industries.
The recent statistics and forecasts highlight the strong demand for data connectivity and digital services have and are expected to have, despite the global COVID-19 pandemic and geopolitical uncertainties. Several hundred million people are becoming new mobile broadband subscribers every year.
As for the 5G subscriptions, it was stated that by 2027, the fifth-generation network will account for 82 per cent of subscriptions in Western Europe; 80 per cent in the Gulf Cooperation Council region; and 74 per cent in North-East Asia.
In India, where 5G deployments have yet to begin, 5G is expected to account for nearly 40 per cent of all subscriptions by 2027. In global terms, 5G is forecast to account for almost half of all subscriptions by 2027, topping 4.4 billion subscriptions.
According to the survey, 5G is scaling faster than all previous mobile technology generations as about a quarter of the world’s population currently has access to 5G coverage.
Some 70 million 5G subscriptions were added during the first quarter of 2022 alone and by 2027, about three-quarters of the world’s population will be able to access 5G.
“The latest Ericsson Mobility Report confirms 5G as the fastest growing mobile technology generation ever, and Ericsson is playing a key role in making it happen.
“We work every day with our customers and ecosystem partners around the world to ensure that millions more people, enterprises, industries, and societies enjoy the benefits of 5G connectivity as soon as possible,” the Executive Vice President and Head of Networks at Ericsson, Fredrik Jejdling, said.
As for the Executive Editor of Ericsson Mobility Report, Peter Jonsson, “The deployment of 5G standalone (SA) networks is increasing in many regions as communications service providers (CSPs) gear up for innovation to address the business opportunities beyond enhanced mobile broadband.
“A solid digital network infrastructure underpins enterprises’ digital transformation plans, and their new capabilities can be turned into new customer services.”
