The tactics of cybercriminals are becoming increasingly sophisticated amongst more reports of attackers impersonating well-known brands to manipulate victims into passing on their personal information; making the context of attacks harder to recognise.
According to the data presented by Atlas VPN, 45 per cent of global fraud attacks abuse brand names, with the United States and Spain being the most targeted countries by phishing attacks.
The data is based on Outseer Fraud and Payments report Q4 2021. The research presents an analysis of fraud attacks and consumer fraud data and insight into the cyber fraud landscape for consumer-facing organisations of all sizes.
Brand abuse accounted for 45 per cent of all fraud attacks worldwide in 2021 Q3, typically impersonating trusted brands to mislead users in digital channels, such as social media. An Atlas VPN report from last year revealed how brands such as Facebook, Microsoft and Crédit Agricole were the most impersonated brands in 2021 H1.
Typically distributed through third-party app stores, cybercriminals have also been found to be exploiting brands’ reputations through the use of rogue mobile apps, which accounted for 39 per cent of fraud attacks worldwide. Last year, for example, cybercriminals used fake TikTok apps to carry out Covid-19 related scams.
On a similar note, the use of phishing attacks accounted for 14 per cent of fraud threats in 2021 Q3. Phishing cyberattacks use social engineering to steal information from users under false pretences, either by email, phone calls, or social media and text messages. Phishing attacks have become popular among cybercriminals for their simplicity and effectiveness.
Trojans represented only two per cent of fraud attacks worldwide. A trojan horse is a stealthy malware that typically acts as an actual file or an application to trick you and steal your personal information.
Where are phishing attacks happening?
Phishing attacks allow cybercriminals to target multiple countries to discover exactly where an attack would be the most effective in terms of garnering profit.
Geographically, cybercriminals chose to target users in the United States during 21 per cent of all the phishing attacks that took place in 2021 Q3. The US is threatened by phishing the most as attackers hope to get access to corporate accounts, spreading the malware further. Other phishing instances include Russia and China state-sponsored attacks to obtain classified information on the US government.
Spain was subject to 14 per cent of phishing attacks during this time. When delving deeper into the nature of Spanish attacks, phishing campaigns were seen to target drivers with emails informing them about supposed fines, while actually, the link would download malware on the device if clicked.
At the same time, South Africa suffered from 12 per cent of phishing threats carried out in 2021 Q3. Attackers targeted the Philippines next with nine per cent of worldwide phishing attacks, whilst Greece ranked fifth as cybercriminals directed seven per cent of phishing threats towards the European nation.
Fraudsters targeted each Canada and the Netherlands with six per cent phishing attacks in 2021 Q3. The remaining amount of attacks were split across 15 per cent of other nations.
Fraud attacks require the user to identify and assess possible threats, so employee training and general tech-savviness are essential when mitigating fraud risks. However, as humans are prone to make mistakes, anybody could fall for a sophisticated scam. Businesses should set up cybersecurity solutions to back people up in such cases.