The standard data theft method is social engineering – a potential victim is lured onto an infected web-page or is duped into opening a file attached to an e-mail. It is not always easy to recognize such a message, as a survey conducted in May 2012 by O+ K Research at the request of Kaspersky Lab International Ltd. demonstrates. During the survey, 62% of users in GCC region claimed they are incapable of recognizing a phishing message or a forged web-site.
The overwhelming majority of phishing messages are delivered through e-mail or social networks. The reason is simple: these are currently the most wide-spread means of communication. According the same research, 80% of PC users check their e-mails regularly, and 81% communicate in social networks. 54% of users chat on the Internet regularly with their smartphones. Cybercriminals who use phishing as a tool to steal data are primarily interested in gaining unauthorized access to social network accounts, accounts in online banking and payment systems, and e-shops. According Kaspersky Lab, in June 68% of phishing messages related to such services were targeted at data theft.
The results give indirect evidence that the mass messaging method bears fruit: about half of the O+K Research respondents noticed they have already encountered suspicious correspondence in social networks or e-mail. Thus, 43% of PC users in the GCC got a message with a suspicious link or an attachment, and 27% of respondents got letters on the name of a bank (social network, another service, etc.) with a request for confidential information.
Moreover 35% of PC users in the GCC admitted that their computers had been infected as a result of opening an attachment to a letter, and 14% of respondents had entered personal or financial data at suspicious pages. Therefore when fighting against fake and infected messages and web-sites, instead of relying upon your own efforts it is better to use specific solutions. The new Safe Money technology, presented as a part of Kaspersky Internet Security 2013, helps to detect and block attempts to steal your sensitive data via phishing web-pages and malware linked to online shopping or banking services.
A high percentage of users fell victims of mobile devices’ phishing. 25% of tablet users and 20% of smartphone owners received correspondence with suspicious links and attachments in the GCC. 13% and 13% respectively had letters on behalf of a bank or social network. One can presume that as we see more and more mobile devices going online, the amount of phishing letters for mobile platforms will also grow. Therefore it is high time to think of protecting you mobile devices with specific anti-phishing solutions. This function is already available in Kaspersky Mobile Security and Kaspersky Tablet Security.