Phishing and scams strike Kenya and Nigeria at an all-time high

News Desk -

Share

Kaspersky analysis has revealed that attacks related to data loss threats (phishing and scams/social engineering) increased significantly in Africa in Q2 2022 compared to the previous quarter. In the second quarter, the company’s security solutions detected 10,722,886 phishing attacks in Africa.

Kenyan users were the most affected by this type of threat: there were 5,098,534 phishing attacks detected in three months, a 438 percent increase over the previous quarter. It was followed by South Africa (4,578,216 detections and a 144% increase) and Nigeria (1,046,136 detections and a growth of 174 percent).

Social engineering scams, also known as “human hacking” scams, are used in a variety of ways and for a variety of purposes to lure unsuspecting users to the site and trick them into entering personal information. Financial credentials, such as bank account passwords or payment card information, or login information for social media accounts, are frequently included in the latter. In the wrong hands, this opens the door to a variety of malicious operations, such as money theft or corporate network compromise.

Phishing is a powerful attack method because it is carried out on a large scale. Malicious users increase their chances of success in their hunt for innocent people’s credentials by sending massive waves of emails in the name of legitimate institutions or promoting fake pages. Phishers use a variety of techniques to circumvent email blocking and lure as many users as possible to their fraudulent websites.

HTML attachments with partially or completely obfuscated code are a common technique. HTML files enable attackers to use scripts, hide malicious content, and send phishing pages as attachments rather than links.


While the vacation season is in full swing around the world, scammers are attempting to entice travelers looking for interesting places to visit, cheap places to stay, and reasonably priced flights. Researchers at Kaspersky Lab have noticed an increase in scamming activity, with numerous phishing pages distributed in the guise of airline and booking services. In the first half of 2022, there were 4,311 attempts to open phishing pages related to booking and airline services in the Middle East, Turkey, and Africa (META) region.


“Planning a vacation is not easy. People can spend weeks, even months, looking for the perfect place to stay and the tickets to get them there. Fraudsters use this to lure users that have grown tired of searching for great deals. After two years of flight restrictions imposed by the pandemic, travelling is back. But so are travel scams – with intensified scamming activity targeting users through fake booking and rental services. Such attacks are totally preventable, which is why we urge users to be skeptical about overly generous offers. If an offer seems too good to be true, it probably is,” comments Mikhail Sytnik, security expert at Kaspersky.

To keep yourself protected from phishing and scams, Kaspersky experts recommend:

  • Carefully looking at the address bar before entering any sensitive information, such as your login details and password. If something is wrong with the URL (i.e., spelling, it doesn’t look like the original or it uses some special symbols instead of letters) don’t enter anything on the site. If in doubt, check the certificate of the site by clicking on the lock icon to the left of the URL.
  • Not clicking on links that come from unknown sources (either through e-mails, messaging apps or social networks).
  • Visiting the business’ official website if you see a giveaway offered in e-mail or on social media by a travel company or an airline to confirm the giveaway exists. You should also carefully check the links the giveaway ad leads you to.
  • Using a good security solution that can protect you from spam emails and phishing attacks.