Even as Indian consumers get ready to welcome Lord Ganesha and celebrate Ganesh Chaturthi, the cybercrooks are ready to scam them with phishing attacks. Kaspersky reports show that with the onset of festival season, cybercrooks get ready to steal identities, money or illegally take control of user accounts and profiles through phishing. According to Kaspersky statistics, phishing remains a globally and extremely popular type of attack. In particular, during the first six months of 2024, Kaspersky’s Anti-Phishing system alone thwarted 515 million of attempts to follow phishing links. In comparison, Kaspersky’ recent report, Spam and Phishing 2023 revealed that 709 million phishing attempts were detected throughout the entire year of 2023.
This shows that the pervasive nature of phishing attacks is continuing to spread, and slowly the same is evolving into something more complex. In fact, technologies like built-in GPT chats have enabled cybercriminals new ways to exploit the consumers. Kaspersky experts have found that messaging platforms like WhatsApp and Telegram are being exploited in a big way by scammers to snare users into sharing their details.
Interestingly, India has the highest number of WhatsApp users and as of May 2024, there are over 500 million monthly users in the country. Moreover, it is seen that 66% of users have made some kind of purchase after connecting with a brand via WhatsApp. This numbers increase during special occasions like Ganesh Chaturthi, when buying happens for gifting and the likes.
“Phishing remains a prevalent threat in today’s digital landscape, constantly evolving to deceive unsuspecting users and the nature phishing is also changing. Our statistics show that there is a significant increase in hybrid phishing emails where a mix of spear phishing and traditional phishing is being used. Cybercriminals are also leveraging AI powered tools to create convincing contents, making these mixed attacks more effective and harder to detect. So, there is a critical need for cybersecurity solutions for consumers that provide not just protection from virus, but also from malware and phishing attempts. We have a comprehensive line of anti-phishing solutions for home users that offer the highest level of protection against phishing,” says Jaydeep Singh, General Manager for India Region, Kaspersky.
Kaspersky’s award-winning range of cyber security for home users include Kaspersky Premium, Kaspersky Plus and Kaspersky Standard. Recently Kaspersky Premium for Windows was awarded as one of the best anti-virus and anti-phishing solutions by the independent cybersecurity lab AV-Comparatives. This solution demonstrated the highest protection rate, detecting 93% of phishing URLs without a single false positive.
To prevent from becoming a victim of phishing-based scams, Kaspersky experts advise the following:
- Stay alert to phishing attempts: Avoid opening link in emails claiming suspicious login attempts on an account. Avoid opening emails that claim that your account’s billing or payment information is wrong, or an account needs to be confirmed. Be suspicious of content that seems odd even though seemingly from a legitimate sender. Check with the sender via an alternative means of communication.
- Delete or ignore suspicious emails and texts: Be alert and learn to identify potentially malicious messages and actively remove them so that you do not fall victim to the scam.
- Report phishing attacks: Try connecting with the company from whose URL you may have received the email or text. Let them know about the phishing attempts being made. This can protect other people from potentially becoming phishing victims, and also allows any other companies that may have been implicated in the scam to enhance their security measures and alert their customers.
- Disconnect the device: In case any malware has been used for the phishing attack, disconnecting the compromised device from the internet is the best way to stop the malware threat through home or office network. Disable the device’s Wi-Fi connection, or completely disconnect and reset the Wi-Fi network to be on the safer side.
- Update passwords: Phishing scams manipulate victims into providing sensitive information. Usually, they will use a link to redirect users to a spoof website and get them to enter login credentials like passwords. After clicking a phishing link, it is best to change any password that might had been compromised in the attack. Make sure this is done through the real website and not through the phishing link, and if the password has been used on other accounts, be sure to change those, too.
- Install anti-virus and anti-phishing software: These programmes help protect users’ security and privacy by filtering suspicious messages. They remove the messages and alert users about potentially malicious software. Ensure these programmes are updated regularly and initiate manual scans too.
- Use multifactor authentication: This ensures an additional layer of security for accounts, so that even if a phishing attack is successful, the phisher has fewer opportunities to use the stolen details to compromise bank accounts, social media profiles, or email accounts, for example.
- Regularly back up all data: Whether using a smartphone or laptop, ensure that all data on the device is regularly backed up—to an external hard drive or cloud, for example—so that it is always protected and available in case of an attack or data theft.
