A study using anonymous data volunteered by users of Kaspersky Internet Security for Android has ranked the most popular messaging apps among cybercriminals. Over the period from December 2020 to May 2021, WhatsApp was the app with the highest number of fraudulent links circulated (89.6% of the total), far ahead of Telegram (5.6%). Viber came in third (4.7%), while Hangouts closed the gap (less than 1%).

The countries most exposed to phishing attempts are Russia (46%), Brazil (15%) and India (7%). France, on the other hand, only suffered 0.55% of attempts. In total, 480 attempts per day were detected worldwide.

According to the study, messaging applications have become the most popular communication tools in 2020, with 20% more monthly active users than social networks. The results also show that in 2020, 2.7 billion people were using messaging applications, a figure that is expected to rise to 3.1 billion by 2023, representing almost 40 percent of the world's population.

Kaspersky Internet Security for Android has integrated a new feature, Safe Messaging, which prevents users from opening malicious links received in messaging apps (WhatsApp, Viber, Telegram, Hangouts) and via SMS. By anonymously analyzing clicks made on phishing links in messaging apps, Kaspersky recorded 91,242 attempts detected worldwide between December 2020 and May 2021, including 490 in France.

The tool

According to the statistics, Kaspersky Internet Security for Android detected the highest number of fraudulent links in WhatsApp. This is due to the fact that WhatsApp is the most popular messaging application in the world. Most phishing attempts were made in Russia (42%), Brazil (17%) and India (7%) compared to 0.54% in France.

The Telegram application received the fewest malicious messages from users of Kaspersky Internet Security for Android, with a similar geographical distribution to WhatsApp. On Telegram, the majority of attempts were recorded in Russia (56%), India (6%) and Turkey (4%). The high proportion of fraudulent messages circulating in Russia is likely due to the high popularity of Telegram in that country.

According to the study, few fraudulent messages were circulated on Viber and Hangouts. The main difference between these two applications is the geographical distribution of messages. On Viber, most phishing attempts were recorded in Russia (89%) and the CIS (Commonwealth of Independent States), including Ukraine (5%) and Belarus (2%). On Hangouts, the malicious messages mainly targeted users located in the United States (39%) and France (39%).

Regarding the number of phishing attacks per user on WhatsApp, Brazil (177) and India (158) stand out while Russia leads on Viber (305) and Telegram (79).

"The statistics indicate that the use of phishing in instant messaging applications remains one of the favorite techniques of cybercriminals. One reason for this is the immense popularity of these applications among the general public and the ability to exploit certain built-in features to perpetrate attacks. It can be difficult to recognize a phishing attempt, as sometimes it can be just a single character or a minor error in the wording of the message. Vigilance and the use of anti-phishing technologies are an effective approach to combating phishing in email applications," says Tatyana Shcherbakova, Senior Web Content Analyst at Kaspersky.

To reduce the risk of becoming a victim of phishing and receiving fraudulent links in messages, it is advisable to follow the following recommendations:

- Be vigilant and look for misspellings or other suspicious elements within the links.

- Be wary of chain letters, a common practice where a cybercriminal asks a user to share a fraudulent link with their contacts, which then appears legitimate because it was sent by a trustworthy person. Stay on guard and never share a suspicious link with your contacts.

- Cybercriminals often use WhatsApp and other similar applications to communicate with users located on legitimate sites (e.g. e-commerce platforms or online booking services) and use these applications to send fraudulent messages. Even if the sites and messages appear legitimate, it is likely that the hyperlinks are misspelled or redirect to an unexpected page.

- Even if the message is from one of your best friends, keep in mind that their account may have been hacked. Be careful in all circumstances.

- Even if a message seems friendly, beware of links and attachments.

- Install a trusted security solution and follow its recommendations. Security solutions will fix most problems automatically and alert you when necessary.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky's expertise in threat intelligence and computer security is constantly being applied to the creation of security solutions and services to protect businesses, critical infrastructures, public authorities and individuals around the world.

Source : developpez.com