Malware is on the rise. (Duncan Alfreds, Fin24)
Cape Town – South Africa has rocketed up the list of countries most targeted by cyber criminals, a new survey has showed.
According to cyber security firm Check Point, SA jumped from 67th to 22nd position on its ThreatCloud Map in January.
“We’ve seen an increase in phishing attacks targeting video-on-demand users, who are tricked into handing over their passwords under the guise that their accounts need to be updated,” said Doros Hadjizenonos, country manager of Check Point South Africa.
Phishing attacks, where crooks attempt to dupe internet users into handing over personal or financial information, are often delivered by spam emails with malicious attachments.
“These mails also install malware onto the user’s PC, which steals personal information, such as banking details, without the user knowing,” said Hadjizenonos.
Namibia retained its position as the second most attacked country, with Ethiopia ranking at 10th.
READ: Globalisation helps cyber crooks
Hadjizenonos said that phishing attacks are designed to exploit the rise in popularity of e-commerce, and cyber crooks regularly create fraudulent apps or discounts to entice consumers.
“Tactics often involve ‘discounts’ when shopping online or through a retailer’s app. What consumers are often unaware of is that, even though the app or URL look legitimate, they have been designed with the sole purpose of stealing information.”
The security company recorded more than 1 500 malware families active during January.
Conficker retained its top slot as the most prolific malware, accounting for 24% of all attacks, with Sality in second place.
Conficker disables security services and Sality is designed to persist in the system so that it can leave machines open to downloading additional malware.
However, the Dorkbot worm made its way into third place. It allows attackers to execute remote code, with its primary purpose being to steal sensitive information, Check Point said.
“The increase in DDoS (distributed denial of service) attacks against public websites has been well publicised in the past couple of months, and the fact that the Dorkbot family is becoming more prevalent underlines the fact that businesses need to be taking steps to protect themselves against such attacks,” Hadjizenonos.
- Follow Duncan on Twitter