In the first trimester of 2018, the anti-phishing technologies of Kaspersky labs prevented more than 3,6 million visits to malicious webpages on social networking sites, 60% of which were fake pages on Facebook.
According to the report issued by Kaspersky Labs about «spam and phishing in the first trimester of 2018», the results indicate that digital criminals continue to do whatever they can to take control of your personal data.
Phishing on social networking sites is a form of cyber crime, which includes the theft of personal data from accounts on social networking sites of the victims.
The fraudsters create copies of a social networking site (for example a fake page on Facebook) and try to attract unsuspecting victims, making them to enter their personal data – such as name, access code, credit card number, PIN, and more.
At the beginning of the year, Facebook was the most popular social networking website selected by cyber criminals and pages of Facebook are often violated by them by trying to steal personal data through phishing.
This behavior is part of a long-term trend: the first trimester of 2017, Facebook became one of the three most popular phishing targets with 8%, followed by Microsoft Corporation (6%) and PayPal (5%).
The first trimester of 2018, Facebook led the category of phishing targets on social networking sites, followed by VK – a Russian social networking site – and LinkedIn. There as on is probably the 2,13 billion active users of Facebook worldwide, including those who connect to unknown applications using their Facebook account, providing access to their accounts.
All the above confirm the fact that personal data is valuable in the world of technology and digital information – for both legitimate organizations and attackers as well.
Digital criminals constantly seek new methods to impinge on users, so it is important to know the deceiving techniques used by them to avoid future attacks.
How to protect yourself online
Top security specialists advice users to take the following safety measures to protect themselves from online phishing:
• Always check the address and the sender name of an email before you click on it – even better do not click on links inside the email but type it on the address bar of the web browser you use.
• Before you click on any link, check if the address on the link which appears is the same with the actual hyperlink (the actual address which has the link) – you can check it by hovering the mouse above the link.
• Use only a safe connection, especially when you visit sensitive websites. The minimum precaution is not to use unknown or public Wi-Fi without being secured with an access code. For maximum protection, use a VPN service which encrypts your connection and hides your online activities. Remember: if you use one unsafe connection, the digital criminals can direct you to phishing pages without noticing it.
• Check the HTTPS and the name of the domain when you open a webpage. This is very important when you use websites which contain sensitive data.
• Never share your personal data, such as access codes, credit cards details etc. Official businesses will never ask you for those details through an email.
• Use a reliable antivirus product with anti-phishing and anti-malware technologies, for the detection and the prevention of spam and phishing attacks.
• The main targets of phishing attacks have remained the same since the end of last year. They mainly include world online portal sand the financial sector, including banks, payment services and online stores.
• Almost $35.000 was stolen through a webpage phishing which was supposed to offer the opportunity of an investment on the Telegram ICO.
• Almost $84.000 was stolen after a phishing email which was connected to the release of the «TheBeeToken» ICO.
• Phishing still represents almost half of all the online attacks (43,9%), a number which is 4,4% higher than the end of last year. The attacks against banks, online stores and payment systems remain in the three first spots showing the willingness of digital criminals to have access to the money of unsuspected users.
• Brazil is the country with the highest share of users who were attacked by phishers in the first trimester of 2018 (19%). Argentina was second(13%), Venezuela third (13%), Albania fourth (13%) and Bolivia fifth (12%).
• In the first trimester of 2018, the number of spam messages climaxed in January (55%). The average percentage of spam in the worldwide activity of email was 52%, that means 4,6% lower than the average of the last trimester of 2017.
• Vietnam was the most popular spam source, overcoming the USA and China. In the first 10 targets we find Germany, India, France, Brazil, Russia, Spain, and Iran.
• The country which had the most attacks from devious email attacks was Germany. Russia was second and the UK, Italy and the United Arab Emirates followed.