Kaspersky has developed a study revealing which messaging applications are most used by cybercriminals to launch phishing attacks. The highest proportion of fraudulent links detected between December 2020 and May 2021 have been identified on WhatsApp, with 89.6%; followed by Telegram, with 5.6%; Viber with 4.7%; and Hangouts, with less than one percent. For countries that have suffered the highest number of phishing attacks, Russia is at the forefront with 46 per cent of total attacks, followed by Brazil at 15 per cent and India at 7 per cent. Globally, there have been an average of 480 daily attack attempts.
As recent research reveals, messaging apps surpassed social media by 20% in popularity in 2020, becoming the most popular communication tools in the world. Another study shows that the global audience of messaging applications amounted to 2.7 billion people, and that by 2023 this figure is expected to rise to 3.1 billion, which will account for almost 40% of the world's population.
Kaspersky Internet Security for Android has added a new feature called Safe Messaging, which prevents users from opening fraudulent links they receive in messaging apps (WhatsApp, Viber, Telegram, Hangouts) or via text messages. As a result, Kaspersky analyzed clicks on phishing links in messaging applications and found that between December 2020 and May 2021 a total of 91,242 detections were recorded worldwide.
According to statistics from Kaspersky Internet Security for Android, the largest number of malicious links have been detected on WhatsApp, because it is the most popular messaging application worldwide. For the countries with the highest proportion of such messages, Russia has been the most affected with 42 per cent of attacks. Behind this country is Brazil with 17% and India with 7%.
Telegram was the second application with the highest proportion of attack attempts detected by users of Kaspersky Internet Security for Android. The geography of attacks in this app is very similar to that seen on WhatsApp. The highest number of fraudulent links has been detected in Russia (56%), India (6%) and Turkey (4%). The huge increase in the popularity of Telegram in Russia explains the high phishing figures in the app in this country.
Spain ranks 14th in the world ranking of countries affected by phishing attacks via WhatsApp and 16th in Telegram.
According to Kaspersky statistics, Viber and Hangouts have received fewer attempts to attack. Its main difference lies in the distribution between countries. The highest number of cases detected in Viber occurred mainly in Russia, with 89 per cent, and in CIS countries, with 5% in Ukraine and 2 per cent in Belarus. In contrast, most cases detected in Hangouts have occurred in the United States and France, with 39% each.
“Statistics reveal that phishing in messaging apps remains one of the most common methods among scammers. This is partly due to the great popularity of these apps among the public, as well as their ability to use built-in applications and carry out attacks. Sometimes it can be difficult to determine if an attack is phishing or not, since the difference may be in a single character or a small error. Surveillance, along with anti-phishing technologies, are the best tools to combat phishing in these applications,” says Tatyana Shcherbakova, Kaspersky's senior web content analyst.
In order to reduce the risk of being a victim of a scam through fraudulent links in these applications, Kaspersky recommends following the following tips:
Be vigilant and look for misspellings and other errors in the links.
A “chain scheme” is a common technique in which a scammer asks the user to share the fraudulent link among their contacts, which seems authentic to the rest of the users, since it comes from a known person. It's important to be vigilant and not share any suspicious links with your contacts.
Cybercriminals often use WhatsApp and other messaging services to communicate with users they have encountered on other legitimate platforms (such as booking hosting services) and use them as a communication method for fraudulent messages. Even though messages and web pages look real, hyperlinks are most likely misspelled or redirected to a different location.
Even if the message comes from one of your best friends, it's important to note that their account could also be hacked. Caution is recommended in any situation, even if the message seems friendly and harmless. Be wary of links and attachments.
Install a trusted security solution, such as Kaspersky Internet Security for Android, and follow all its recommendations. Security solutions resolve most issues automatically and alert if necessary.