The number of people who fell for a phishing scam in Brazil in the last year is over 48 million, almost 25% of the population, which makes Brazil the world leader in this type of threat. The scam consists of using fake websites to steal data from users, mainly banking information. The attacks arrive via email, WhatsApp, SMS and even conventional phone calls, and aim to deceive ordinary users on the PC or cell phone at home as well as corporate employees. The data were released this Monday (13th) during the 8th Conference of Security Analysts for Latin America.
Phishing scam, which steals user data, hit almost 25% of Brazilians in 2018 (Photo: Nicolly Vimercate / TechTudo)
The story is not new: the user receives an email or message, or sees an ad on Facebook, for the product he wanted to buy. The advertisement carries the name of a well-known company and offers an attractive but entirely plausible discount (10% to 15% cheaper, for example). The consumer clicks, fills in his data and completes the purchase without knowing that the website is fake. Days later, he discovers that his card has been cloned and his password changed, among other problems he now has to deal with.
The big problem, according to senior Kaspersky Lab security analyst Fabio Assolini, is that in this type of scam criminals take advantage of people's trust: "phishing exploits human vulnerability; it deceives people by appealing to their curiosity and to a sense of urgency."
Email, Web and USB are among the biggest malware vectors (Photo: Handout / Kaspersky)
Latin America is the region with the highest number of phishing attacks in the world, and Brazil is first in the world ranking: in the country, 23.3% of the population had already been a victim of phishing in 2018. On Black Friday alone, the cybercriminals' preferred date, Kaspersky Lab blocked 383 thousand attacks in Latin America in a single day.
How Phishing Attacks Work
About 90% of attacks start with a phishing email, which is why email is the best-known vector. But it is not the only means used by criminals. Attacks by SMS, WhatsApp and social networks, where crooks buy ads, are becoming more common. Even conventional phone calls are being used by gangs to deceive bank customers or corporate employees: someone calls and tells the victim to access the address of a fake website and register or provide some type of data.
Brazil is the world leader in the number of phishing attacks (Photo: Handout / Kaspersky)
The second step is to take the user to a website whose address (the so-called domain) has been tampered with. The criminal registers a name very similar to the real one. By copying the layout of the real page and using the word "mercardo" in place of "mercado", which would be correct, he is able to deceive even the most attentive users. Kaspersky Lab estimates that the crooks spend less than US$1 (about R$3.70) to get this scam running, with the website published on the Internet and even a security certificate. The impact of falling for the trick, for a company, can reach US$120 thousand (almost R$470 thousand).
The main tips for avoiding phishing are known to many users: do not click on suspicious links, and keep an eye on the features of the website (correct address, HTTPS security certificate, etc.), bearing in mind that, as noted above, the fake site itself may carry a certificate. However, no matter how attentive they are, there is always a risk that users will fall for the scam, because the tools used by criminals are increasingly sophisticated.
Assolini also points to a database called whois (https://www.whois.com/), which shows who registered a domain on the Internet. As an example, the security analyst cites Apple: the apple.com domain was created in 1987 by the company itself, Apple Inc. Another website, applecustormerhelp.com, was registered in 2017 by a company named i Tech Solutions, which has more than 215 other sites registered in its name. With this information in hand, the user can, at the very least, become suspicious.
The whois platform shows a website that uses Apple's name but was created for a scam (Photo: Nicolly Vimercate / TechTudo)
Shoot first, question later
During the event, Kaspersky announced a new project called "Shoot first, question later", which promises to be proactive, blocking phishing attacks before they happen. "The tool uses the same logic explained above: if the domain uses the name of a famous company but was not registered by it, the antivirus blocks it before the user can access the page and put himself at risk," explains Assolini. "In Brazil alone, in four years of this strategy, we have blocked more than 100 thousand domains," he adds.
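The two checks described above, a brand name or near-typo in a domain the brand does not own and a whois registrant that is not the brand, can be expressed as a small classifier. The following is an added illustration, not Kaspersky's code or the logic of its product. The brand allow-list, the public-suffix list and the whois records are constructed stand-ins: apple.com / Apple Inc. and applecustormerhelp.com / i Tech Solutions are the facts from the article, while the Mercado Livre entry and the "mercardolivre" record are assumptions for illustration.

```python
import re

# Constructed allow-list: brand keyword -> domains the brand legitimately owns and the
# registrant name expected in whois. apple.com / Apple Inc. come from the article; the
# Mercado Livre entry is an assumption (owner left unknown, so no whois comparison).
BRANDS = {
    "apple": {"domains": {"apple.com"}, "owner": "Apple Inc."},
    "mercado": {"domains": {"mercadolivre.com.br"}, "owner": None},
}

# Public suffixes this toy recognises; longer ones first so "com.br" wins over "com".
# A production tool would use the Public Suffix List instead.
SUFFIXES = ("com.br", "net.br", "org.br", "com", "net", "org")

# Constructed stand-in for a live whois lookup: the article's two Apple-related records
# plus one made-up lookalike record.
WHOIS = {
    "apple.com": {"registrant": "Apple Inc.", "created": 1987},
    "applecustormerhelp.com": {"registrant": "i Tech Solutions", "created": 2017},
    "mercardolivre.com.br": {"registrant": "Constructed Registrant Ltd", "created": 2018},
}


def registrable_domain(url):
    """Reduce a URL to its registrable domain, e.g. 'https://www.x.com.br/p' -> 'x.com.br'."""
    host = re.sub(r"^[a-z][a-z0-9+.-]*://", "", url.strip().lower())
    host = host.split("/")[0].split("@")[-1].split(":")[0].rstrip(".")
    for suffix in SUFFIXES:
        if host.endswith("." + suffix):
            label = host[: -len(suffix) - 1].rsplit(".", 1)[-1]
            return f"{label}.{suffix}"
    return host


def levenshtein(a, b):
    """Edit distance between two strings; 'mercardolivre' vs 'mercadolivre' is 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def assess(url, whois=WHOIS, max_distance=2):
    """Classify a URL with the article's rules: a brand keyword inside a domain the brand
    does not own, a near-typo of an official domain, or a whois registrant that is not
    the brand. Returns {'domain', 'verdict', 'reasons'}."""
    domain = registrable_domain(url)
    label = domain.split(".")[0]
    reasons, suspect = [], set()
    for brand, info in BRANDS.items():
        if domain in info["domains"]:
            continue  # the brand's own site is never flagged
        if brand in label:
            reasons.append(f"contains brand keyword '{brand}' but is not an official {brand} domain")
            suspect.add(brand)
        for official in info["domains"]:
            d = levenshtein(label, official.split(".")[0])
            if 0 < d <= max_distance:
                reasons.append(f"lookalike of {official} (edit distance {d})")
                suspect.add(brand)
    record = whois.get(domain)
    for brand in sorted(suspect):
        owner = BRANDS[brand]["owner"]
        if record and owner and record["registrant"] != owner:
            reasons.append(f"whois registrant is '{record['registrant']}', not {owner}")
    return {"domain": domain, "verdict": "block" if reasons else "allow", "reasons": reasons}


if __name__ == "__main__":
    for url in ("https://www.apple.com/", "http://applecustormerhelp.com/login",
                "https://www.mercardolivre.com.br/oferta", "https://example.org/"):
        result = assess(url)
        print(result["domain"], result["verdict"], *result["reasons"], sep="\n  ")
```

The edit-distance threshold and the keyword match are deliberately crude: a real blocklist engine would also score homoglyphs, hyphenated variants and subdomains, and would treat a fresh registration date as an extra signal. The structure, however, is the same one the article describes: an allow-list of what the brand owns, a similarity test against everything else, and registrant data to break ties.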
Looking at the overall picture of attacks in Brazil, the numbers are even more striking: 64.4% of the population suffered some virtual threat in 2018. In absolute numbers, 160 million Brazilians were at risk, a 60% increase in hits compared with 2017, according to Kaspersky Lab.
Although phishing is a major concern for security analysts, other threats also claim victims in Brazil, including cryptocurrency miners and ransomware.
Among the main vectors, that is, where these threats come from, are online platforms such as email and the web (websites, apps, social networks), and also offline channels, represented by removable devices such as USB drives and microSD cards.
For the head of Kaspersky Lab's global research and analysis team, Dimitri Bestuzhev, this shows that no one is immune, since attacks occur on every platform: "Criminals think like marketers. The more users they can reach on a given system, the more effort they will dedicate to it," he explained.
* The journalist traveled to Panama at Kaspersky's invitation