An Alarming Rise in Cyber Attacks on Israel
The number of infidelity attacks against Israeli organizations increased by 30% in 2020 and stood at 518 – according to Kaspersky’s report. An alarming increase also in the rate of successful phishing attacks. Other interesting points in the report: 42% of emails in Israel are spam, “Dead from Corona.
The success rate of phishing attacks in Israel is rising. Alarmingİ,İn increase of about 30 percent In infidelity attacks on companies and offices in Israel. The total number of infidelity attacks on Israel in 2020 was 518, compared to 398 such attacks in the year before.
Kaspersky Security Network (KSN) today released its annual phishing and spam report. Among the report’s findings: More than half of the world’s emails are spam and fraud attempts. The spam rate out of all emails was 50.37 percent, and at the same time it is a decrease of 6.14 percent compared to 2019. In Israel, the situation is even better and the spam rate here has reached only 42 percent. According to Kaspersky data, the most prominent country from which spam mail comes is Russia, with a rate of 21 percent of all spam mail.
Kaspersky software managed to prevent the activation of 184 million malicious files attached to emails in 2020. It turns out that the viruses most commonly used are from the Trojan.Win32.Agentb family, malware designed to harm data, copy it and even block any possibility of using it. In addition, 435 million attempts to lure users into fraudulent sites were attempted, in which attempts were made to steal the details of the victim’s identity.
The report describes the main trends in fraud in the past year. For example, it turns out that there has been a significant increase in attacks in which criminals impersonate customer service of large companies such as Amazon, PayPal or Microsoft. The innovation this year was to add email numbers to emails. Of service, order confirmation or solution to a technical problem the victim was asked to call a phone number.Of course the emails were also accompanied by malicious links and the user who assumed it was a legitimate email was tempted to click on the link instead of having a supposed call with customer service.
Another notable trend was the attempted extortion from innocent victims. Emails in which the attacker claims to have recorded the victim in awkward situations were added last year to emails claiming that the victim was recorded using a secret zoom system feature. In an updated version of the Nigerian prince scam, the attackers in some cases sent videos of famous people being humiliated as an illustration of the seriousness of their intentions.
But the more significant phenomenon was the increasing attempts at blackmail against companies. There were companies that received threats that if they did not pay a ransom in Bitcoin, they would be caught in a DDOS attack, as a result of which it would not be possible to use the company’s services, website or email system. There were attackers who added a threat to damage the company’s reputation if it did not pay. In a particularly extreme case, the attackers announced that they had planted a bomb in the company’s offices and demanded $ 20,000 in order not to detonate it. They threatened that if police were involved they would detonate the bomb.
Social networks, payment systems, communications companies, computer services, financial services and others (Source: Kasparsky)
The main attacks on the business sector were those designed to extract a username and password from one of the employees, which is then used as a penetration vector for the organization’s computers. To achieve this goal, the attackers showed great creativity: send online documents whose opening requires entering a name and password, as well as links to sites that look just like the official membership sites that only verify the user’s identity. There was also the use of voice messages, which in order to hear them one has to enter personal details or an invitation to zoom calls with similar conditions.
The corona has been used by many cybercriminals as a cover for their criminal purposes. There have been many attacks that have offered victims receiving business grants or tax breaks, and for that they were required to fill out forms with full company details, and in some cases even pay a commission. Malicious campaigns pretended to be the World Health Organization (WHO) or one delivery service or another, and the link in those messages implanted damage in the victims’ phones. In an updated version of the Nigerian prince scam, there were emails in which the alleged lawyer of a man who died of corona, informs the victim that he has received a large inheritance, if only he clicks on the link.
An Alarming Rise in Cyber Attacks on Israel - /10