There was a reduction in the number of phishing attacks recorded and blocked by Kaspersky in South Africa (17% decline), Kenya (48% decline), and Nigeria (13% decline) for the first half of this year when compared to the same period in 2020. While the decline does suggest and support research trends – that cybercriminals have become more targeted, focusing their efforts on advanced persistent threat (APT) campaigns in Africa – the phishing threat is still very prevalent, says Kaspersky.
“This decrease is in line with global trends and supports the decline that Kaspersky research identified happening through the course of last year already. Of course, this does not mean that organisations and consumers can ignore the risk of traditional cybercrime attacks or that phishing, as well as spam, are still not of significant concern across Africa. Instead, people need to become even more aware of cybersecurity best practice and remain vigilant to protect their personal and business systems from the risk of compromise,” says Bethwel Opil, Enterprise Sales Manager at Kaspersky in Africa.
For instance, spam constituted almost 30% of email traffic in South Africa and close to 35% in Kenya in H1 2021. The number of phishing attacks recorded in South Africa for the first half of 2021 exceeded one million at 1,031,006. In Kenya phishing attacks were recorded at 601,557, and in Nigeria 393,569. Reaching over two million attacks combined highlights that phishing is still a significant threat in Africa and illustrates the importance of ensuring cybersecurity solutions are installed on all connected devices.
“Phishing and spam remain some of the most effective ways of targeting unsuspecting users and gaining access into corporate systems or compromising personal financial and other information that can be used to perpetrate identity theft,” says Opil.
Phishing attacks across the continent have baited unsuspecting victims into handing over bank information, ID numbers, and more. Cybercriminals have become even savvier with their tactics, embracing more sophisticated technology to lure people into clicking on things they should not. For instance, the covid-19 vaccine rollout throughout Africa has given rise to ample opportunity for cybercriminals to carry out several attacks that are hidden in what, at first glance, may appear to be relevant information.
In addition to installing relevant cybersecurity solutions, individuals and businesses must consider the following tips to protect themselves against spam email and phishing:
- Use multiple email addresses. One can be for personal correspondence while another can be used for online shopping or social media.
- Never respond to any spam. Malicious users verify receipt and log responses of active email addresses.
- Always check the link, before you click – make sure the links start with https:// and not http://.
- Do not rush or panic react – scammers use such tactics to pressure you into clicking links or opening attachments.
- Keep your browser and operating system software up to date with the latest patches.
- Use anti-spam filters in addition to antivirus and Internet security solutions.