Since the beginning of 2020 due to COVID-19 people have been social distancing and staying indoors as much as possible. Due to that the use of the Internet, E-commerce sites, and E-government operations have increased immensely and so have the attempts at phishing attacks.

His Excellency Dr. Khaled bin Abdullah Al-Sabti, Governor of the Cybersecurity Authority, spoke during the opening of the Global Cybersecurity Conference on April 7th, 2021, about the high increase in phishing sites by about 300% and the importance of being aware.

Below (Figure A-1 & A-2) we can see two different examples of Smishing Attacks during this time:

 

Recent Phishing Attacks

Logistics (shipping companies) are an integral part of the ecommerce system. We find here the method that the malicious attackers are using is impersonating SaudiPost to carry out their phishing scams by sending text messages as shown in the figure below:

It also seems that with the recent launch of the Ihsan campaign and application and during the blessed month of Ramadan, people’s interest in doing good in this holy month is being used to launch various phishing scams, as shown above in (Figure A-2).

And in another attack, these malicious users are also trying to bait unsuspected individuals by impersonating the most used sites in the region such as the Absher website for governmental services and redirecting users to a cloned website where they can steal the user’s sensitive information.

Phishing does not only occur via email; other methods of phishing include:

  • Voicemail which is called Vishing.
  • SMS and WhatsApp Messages which are called Smishing.
  • And even via Social Media Platforms.

How can you avoid becoming a victim of a Phishing attack?

 

  • Check the subject and sender of the e-mail or SMS: Phishing messages usually urge the user to act immediately (Buy Now! You’ve won the lottery!, Please confirm your information)
  • Do not click on any unknown links: If you do not know where the link leads to, then do not click it! Always make sure to double check where the link is taking you by hovering your mouse over it to get more information.
  • Only visit secure and authentic websites: When entering confidential or sensitive details, make sure you use a safe website. Check that the address in your browser starts with “https://” rather than “http://” to ensure you are using a safe web server. In addition, a small padlock should appear near the address.
  • Increase your security!
    • Install a firewall or improve your current security.
    • Install updates as soon as they become available to keep your browser safe.
    • Make sure your operating system is up to date.
    • Use well-known anti-virus software and keep it up to date.
    • Install Anti-spam software.
    • Install Anti-spyware software.
    • Delete cookies as often as you can.

 

The ideal way to avoid becoming a victim to a phishing attack is to increase our awareness on the cyberthreats we face every day.

Share this article:

Newsletter

Popular