Attacks in the financial sector are becoming increasingly corporate-oriented and shifting away from consumers.
Kaspersky Security Network data shows that the number of financial phishing attempts in the African regions increased significantly from Q1 to Q2 of 2022. Banks, payment systems, and e-commerce websites were attacked.
Financial phishing is a deceptive way of stealing information and is gaining momentum in the region. Phishing is a type of online fraud where the scammer sends fake alerts from banks, e-pay systems and other organisations to trick consumers into sharing their financial details. The alerts sent by the scammer can be related to loss of data, update credentials or system breakdown, which results in theft of passwords, credit card numbers, bank account details and other confidential information.
According to the Kaspersky telemetry, in Q2 of 2022 a total of 194,090 financial phishing attacks aimed at organisations were detected in South Africa, a 65% increase compared to Q1. The largest share of attacks was directed at e-commerce websites (69%), with banks (17%) and payment systems (14%) following.
For the same period in Kenya a total of 100,192 financial phishing attacks aimed at organisations were detected, a 201% increase compared to Q1. The largest share of attacks was also directed at e-commerce websites (58%), with banks (21%) and payment systems (also 21%) following.
In Nigeria, a total of 61,344 financial phishing attacks aimed at organisations were detected, an increase of 79% compared to Q1. The largest share of attacks was directed at e-commerce websites (52%), with payment systems (42%) and banks (6%) following.
“A life without Internet is strange to us. So much so that our financial life is now digital,” says Emad Haffar, head of technical experts at Kaspersky. “This is the magic of digitisation. But we also need to be aware of an unprecedented wave of challenges.
“Financial threats are one such challenge which is becoming more advanced in exploiting human behaviour and will only continue to grow. Businesses trying to stay ahead of such evolving, complex cyberattacks should make fraud prevention a focal point to control fraud transactions, eventually reduce fraud risk in the future and avoid reputation damage.”