KUALA LUMPUR, The last quarter of 2019 was a fruitful time for cybercriminals, as Kaspersky detected a 9.5 per cent growth in financial phishing alone, with spam and scam activity also growing in numbers and variety.
The global cybersecurity company said phishing remained an effective way of luring users rushing to get a good deal ahead of the holidays into handing over their personal data and credit card credentials to cybercriminals.
It said the Black Friday, Cyber Monday and pre-Christmas shopping rushes saw not just growth in sales but malicious activity as well.
It found that popular brands were used as bait, citing the example of a fake Amazon page that offered users Christmas promotions so criminals could steal their Amazon Prime credentials.
The holiday season is a time for impulse purchases and rash decisions, Kaspersky security analyst Tatyana Sidorina said in a statement today.
She said pressure to get a good deal or buy presents could mean that users are distracted, making it easier for cybercriminals to take advantage of them.
Of course, this does not mean that anyone should abstain from shopping ahead of the holidays — users just need to pay extra attention to their credit card payments.
It is possible that a subscription or a delayed charge for a present for friends or family could turn out to be fraudulent, as criminals often do not use stolen data straight away, Sidorina explained.
Kaspersky’s analysis also saw a slight growth in spam emails during the holiday season but a significant diversification in topics.
Criminal schemes varied from promises of Christmas donations to scams with attempts to steal cryptocurrency or malicious emails sent to organisations as fake urgent Christmas orders.
Such holiday-related scams and spam emails are not exclusive to the Christmas season. Users in South East Asia also received typical ‘gift offers’ that were instead tied to the Lunar New Year.
To stay safe from phishing and spam, Kaspersky advised users to access deals directly through the legitimate website or official marketplaces.
Use a security solution with behaviour-based anti-phishing technologies, it cautioned.
Kaspersky also stressed the importance of never using the same password for several websites or services because if one is stolen, all accounts would become vulnerable.
Source: BERNAMA (News Agency)