A new report by cybersecurity company Kaspersky reveals the statistics on phishing for the second quarter of 2021, and presents an especially worrying fact that Israel is ranked second (after Brazil) in the list of countries with the largest number of phishing attempts. Out of 50.4 million cases that were identified by Kaspersky's systems, 6.65% were located in Israel.
Kaspersky's report reveals the methods of operation being developed by cybercriminals that were able to find new and especially convincing ways of stealing credit card information and money from users. One of the most widespread types of phishing during the second quarter was mail fraud, apparently amid great demand for delivery services and the large burden on those systems following the outbreak of the COVID-19 pandemic.
Due to social distancing, many people around the world, and of course in Israel as well, preferred to make purchases online and relied more on delivery and mail services. Thus they became more likely to respond to messages related to packages that they expected to receive, and did not notice that the messages were fake ones from an unreliable source. The criminals impersonated the local mail service or international shipment companies, and relied on the fact that many purchasers had difficulty tracking their shipments that had yet to arrive.
The message sent to the addressees looked like an authentic message from the mail service, and included a legitimate-looking link to track the package, pay the shipping cost or customs duty, or update the address where the shipment will be delivered. But in many cases, it was a completely fake message about a shipment that did not exist, and was only intended to inject malware in the device of the addressee in order to steal personal information or credit card details.
One of the inherent dangers from such phishing is the great difficulty in identifying them. In most cases, the messages sent to the users appeared to be official messages from the various entities, with the sender of the message using the name and official details of these entities.
Noam Froimovici, managing director of Kaspersky Israel, said "Cybercriminals are constantly exploiting events and trends worldwide to steal personal details and money, and of course the COVID-19 pandemic provided them with a wealth of opportunities to attack. Phishing is one of the most effective ways to carry out successful cyberattacks because it plays on human emotion and exploits our trust. In Israel, there were quite a lot of phishing incidents that exploited the dependence by all of us on online purchases and shipments, and the expectation to receive the packages."
"The best thing that users can do is to be suspicious of every message received, even from what appears to be a known and trusted source. We should carefully consider whether the message is worded correctly, whether it makes sense that we received such a message from the sender, and whether the request in the message is reasonable. And of course, it is not recommended to click on links or open attached files, and thus to access the sender's website or initiate contact with the sender and receive the details there."