(MENAFN- The Peninsula) The Peninsula
Doha, Qatar: Kaspersky experts have outlined the top four email scam themes and tactics currently prevalent in the Middle East, Türkiye, and Africa region (META).
These scams highlight different social engineering techniques used by cybercriminals. However, the objective remains the same, which is to entice unsuspecting victims and steal their personal and financial information.
Read Also qrcs, krcs provide food parcels for drought-hit in somalia 350,000 students go back to schools today
Phishing remains the most common type of social engineering attack. According to the Spam and Phishing in 2022 report, Kaspersky's anti-phishing system thwarted over 500 million attempts to access fraudulent websites globally in 2022. In Qatar, this type of threat is growing over time as Q2 2023 saw a 64% increase in phishing detections compared with Q1.
Email scammers disguise themselves as having come from trusted sources, tricking their recipients into opening the emails, clicking on malicilinks or downloading harmful attachments.
Scammers use 'undelivered parcels' as a means to exploit human curiosity. Many people have received emails and text messages from postal and courier services providing links to confirm payment or to unsubscribe. Clicking on these links redirects individuals to a fake page that steals sensitive information.
Cybercriminals have been posing as prominent banks requesting people to complete Know Your Customer (KYC) verification to comply with financial regulations or avoid suspension of transactions. The objective is to exploit human fear by highlighting words such as“urgent” in the email to manipulate victims. The email's format, design, and KYC link look authentic to trick people visually.
Unusual email account log-in activity fake alerts flag false sign-in/log-in activity into an individual's email account and provide a link to report the user. The email includes sign-in details such as country, IP address, date and browser, making the alert appear legitimate and cause worry. Coupled with the travel season, this scam theme can increase the cybercriminal success rate.
Free money fraudulent emails play on elements of human greed and curiosity. Cybercriminals attempt to convince people to open a maliciemail attachment related to money deposits. In reality, the attachment is an HTML page that redirects the victim to a fake Microsoft Outlook page to steal email credentials.
The tactics are known as social engineering techniques, which is a manipulation technique built on how people think and act. This involves an email or text message pretending to be from a trusted source. Once cybercriminals understand what motivates an individual's actions, they exploit their lack of knowledge and manipulate their behaviour to meet the end goal.
“There is no aspect of our life that cybercriminals cannot exploit. Human behaviour and emotion is no exception. These scams result from manipulation based on fear, curiosity and greed. The key takeaway is to pay attention to basic details in emails before responding, even if they are from trusted sources because one wrong click can lead to harsh consequences,” commented Maher Yamout, Lead Security Researcher at Kaspersky.