Last year, Brazil was the country most attacked by WhatsApp phishing, with more than 76,000 fraud attempts, according to Kaspersky’s new Spam and Phishing 2022 report. Research also shows that the country is the fourth in the world that suffers the most from email phishing.
The report also shows that, by 2022, there was an increase in the distribution of malicious messages through messaging applications, the majority being WhatsApp (82%), Telegram (14%) and Viber (3%). Brazil leads the ranking of phishing attacks on WhatsApp, with more than 76,000 blocks, and is second in Telegram, only behind Russia.
Kaspersky’s antiphishing system detected and blocked around 508 million attempts to access fraudulent content worldwide, with 10% of them in Brazil alone. The global figure represents double the number of foiled attacks in 2021.
The most used technique was social engineering with the creation of web pages identical to the original websiteswhich collect private data from victims or encourage money transfer to scammers, targeting both individuals and organizations.
Parcel service customers were the victims most attacked by phishing, with 27% of the total blocks recorded. Scammers send fake emails pretending to be from well-known delivery companies and claiming there are problems with a delivery.
The email includes a link to a fake website where personal information or financial details are requested, and which can be used to steal cryptocurrency on decentralized wallets and also on cryptocurrency exchanges.
If the victim falls for the scam and provides this information, plus access to the account and possible loss of money stored there, you may lose your identity and banking credentials, which can be sold on the Dark Web. Other popular targets for phishing attacks are online stores (15%), payment systems (10%), and banks (10%).
“Phishing is the most common scam in Brazil because it is very easy to create, at low cost. This threat becomes even more effective due to the creativity of Brazilian cybercriminals, who manage to create convincing ‘excuses’ for their tricks. But it’s important to note that the fake, or phishing, message is just an initial step in the scam. Being able to identify and block it means preventing the attack from being completed. For everyday people, this means avoiding theft of your money or fraud with your name (digital identity theft). Businesses are at greater risk as phishing can steal employee credentials, allowing the criminal to access your network to steal sensitive data or install ransomware“, explains Fabio Assolini, director of Kaspersky’s global research and analysis team for Latin America.
To avoid falling for a phishing or spam message, Kaspersky experts recommend:
- Only open the messages and click on the links if you are sure you can. trust the sender.
- When a sender is legitimate but the content of the message seems strange, it’s worth consult with the sender using an alternative communication channel (like a phone call).
- Verify website address. If you still suspect that you are viewing a fake page, use your browser to enter the site manually. If so, the URL may contain errors that may be difficult to identify at first glance, such as 1 instead of I or 0 instead of O.
- Use a proven security solution when browsing the web. With access to global threat intelligence sources, these solutions can identify and block spam and phishing campaigns.
Disclaimer: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information presented here should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
It may interest you:
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the entire amount invested may be lost. The services or products offered are not directed or accessible to investors in Spain.