Phishing in messenger apps – what’s new?
July 2021 by Kaspersky
Anonymised data, voluntarily provided by Kaspersky Internet Security for Android users, has shown which messenger apps are the most popular among phishing scammers. The biggest share of detected malicious links between December 2020 and May 2021 were sent via WhatsApp (89.6%), followed by Telegram (5.6%). Viber is in third place with a share of 4.7% and Hangouts has less than one percent. Countries experiencing the highest number of phishing attacks were Russia (46%), Brazil (15%) and India (7%). Globally, 480 detections were recorded per day.
According to research, messenger apps outstripped social networks by 20% in 2020, in terms of popularity among users, and became the most popular tool for communication. Survey results also show that in 2020, the global audience for messengers amounted to 2.7 billion people, and by 2023 it is expected to grow to 3.1 billion. That is almost 40% of the world’s population.
Kaspersky Internet Security for Android has added a new feature, Safe Messaging, which prevents users from opening malicious links that they receive in messenger apps (WhatsApp, Viber, Telegram, Hangouts) and through SMS. As a result, Kaspersky analysed anonymised clicks on phishing links across messenger apps and found that between December 2020 and May 2021, 91,242 detections were recorded globally.
According to the statistics, Kaspersky Internet Security for Android detected the biggest number of malicious links in WhatsApp, partly due to the fact that it is the most popular messenger globally. The biggest share of such messages was detected in Russia (42%), Brazil (17%) and India (7%).
Among Kaspersky Internet Security for Android users, Telegram had the least amount of detections, but was similar in geography to WhatsApp. The biggest number of malicious links were detected in Russia (56%), India (6%) and Turkey (4%). High figures in Russia are probably due to the increased level of popularity of this messenger in the country.
Based on statistics, Viber and Hangouts received a smaller number of recorded detections. The key difference between them is regional representation. The biggest number of detects in Viber was identified mostly in Russia with 89%, and the CIS countries - Ukraine 5% and Belarus 2%, and the majority of Hangouts’ detections were from the USA (39%) and France (39%). In terms of the number of phishing attacks recorded per user on WhatsApp, Brazil (177) and India (158) led the way. At the same time, Russian users have become leaders in the number of detections on Viber (305) and Telegram (79) compared to other countries.
“Statistics show that phishing in instant messenger apps is still one of the most popular tools among scammers. This is partly due to the wide popularity of these apps among the audience, as well as the ability to use the built-in functionality of applications to carry out attacks. Sometimes it can be difficult to determine whether an attack is phishing, as the difference can be just one character or a minor mistake. Vigilance combined with anti-phishing technologies form is a reliable tool in the fight against phishing in messenger apps,” comments Tatyana Shcherbakova, Senior Web Content Analyst at Kaspersky.
To reduce the risk of falling foul of scams and receiving malicious links across messenger, follow these simple tips:
• Be vigilant and look for misspellings or other irregularities in links
• A ‘chain scheme’ is common practice, where a scammer asks a user to share the malicious link with his contacts which then looks legitimate to other users, as it is from a person they know. Be aware and don’t share any suspicious links with your contacts
• Scammers often use WhatsApp and other messengers to communicate with users who were found on a legitimate resource (for example, various marketplaces and accommodation booking services) and also use them as a method of communication in malicious messages. Even if messages and websites look real, the hyperlinks, most likely, will have incorrect spelling, or they can redirect you to a different place
• Even if a message or letter came from one of your best friends, remember that their accounts could also have been hacked. Remain cautious in any situation. Even if a message seems friendly, be wary of links and attachments
• Install a trusted security solution and follow its recommendations. Security solutions will solve the majority of problems automatically and alert you if necessary