Johannesburg - Last week a peculiar email landed in *Ashley James’s inbox.
The email, which appeared to have come from a Standard Bank account, claimed she had accumulated a large amount of UCount reward points that she could redeem for cash.
The email looked identical to Standard Bank emails she had received in the past, and even the letterhead looked right.
All James had to do was click on the link.
“Thankfully, it was quite a large number and I checked the relevant Standard Bank app first,” James said.
“It so happens it was nowhere near what the email had claimed.”
James was lucky. Others have fallen for the con and millions of rands have been lost.
If James had clicked on the link, she would have been directed to a fake website. There, fraudsters try to get their victims to hand over payment and personal details by filling out a form.
Cybercriminals are increasingly using what are called brand phishing attacks to con users into thinking they are dealing with the real companies. They do this by imitating the official website of a well-known brand and using a similar domain name.
These brand phishing attacks have been on a shocking rise in the last few months, with cyber experts predicting they will continue to grow this year.
So far the company that cybercriminals like most to mimic for their phishing attacks is the international shipping company DHL.
Just recently DHL replaced Microsoft as the brand most likely to be targeted by cybercriminals in phishing scams.
This is according to Check Point Research, a leading provider of cyber security solutions globally.
The company recently published its latest Brand Phishing Report, in which it listed the top brands being targeted by cybercriminals.
Twenty-three percent of all brand phishing attempts were related to DHL.
The other nine top brands imitated by cybercriminals include Microsoft, WhatsApp, Google, LinkedIn, Amazon, FedEx, Roblox, PayPal and Apple.
“In 2021, we have seen a 50 percent increase in cyber-attacks compared to 2020, and this trend could unfortunately continue in 2022 as cybercriminals look to take advantage of the Covid-19 crisis situation,” said Issam El Haddioui, the Head of Security Engineering - Africa at Check Point Software Technologies.
El Haddioui urges everyone to proceed with caution when opening any email.
“Cybercriminals indeed use very persuasive phishing emails that look very much like official emails that people expect from known brands, to increase their chances of people opening malicious attachments or following a link.”
He suggests that individuals adopt a “zero-trust” attitude and examine any suspicious email carefully.
“We recommend people look at the ‘To’ and ‘From’ fields to verify that it did indeed come from a trusted source or domain. Also not to open any received attachment before verifying the source by hovering over any embedded link in the email to check the real address.”
El Haddioui added that people should not respond to any requests for credentials or click on links.
Organisations should also conduct regular education and security awareness programs.
“Always verify the source of the emails and address, pay attention to the subject and body language; very often in phishing emails you’ll find grammar or language mistakes.”
He believes cybercriminals have chosen to focus on imitating brands such as DHL, due to their popularity during the pandemic and with people always expecting delivery notifications or confirmation emails from their logistics suppliers.
“Unfortunately, we have noticed that most people are unable to recognise phishing emails and aren’t able to differentiate between legitimate emails and therefore become easy targets for cybercriminals,” he said.
“Over the years we have witnessed multiple organisations also losing significant amounts of money to cybercriminals on the back of a cyberattack that started with a phishing email, leading to ransomware infections or account takeover.”
Cybercriminals are becoming increasingly sophisticated, continuously improving their toolsets and forever on the lookout for a security hole to exploit.
Omer Dembinsky, Data Research Group Manager at Check Point Software, said older, less tech-savvy users are more likely to fall victim to cybercrime.
“Older users, in particular, will be shopping online for the first time and might not know what to look for when it comes to things like delivery confirmation emails or tracking updates,” he said.
Social media has also become a hunting ground for cybercriminals, said Dembinsky, because of more people working remotely.
“Unfortunately, there’s only so much brands like DHL, Microsoft, and WhatsApp – which represent the top three most imitated brands – can do to combat phishing attempts.
“It’s all too easy to overlook things like misspelled domains, typos, incorrect dates, or other suspicious details, and that’s what opens the door to further damage.
“We’d urge all users to be very mindful of these details when dealing with the likes of DHL in the coming months.”
*Not their real name.