Facebook, WhatsApp, Netflix among top 5 services being used for phishing attacks: Check full list
There are several web services that employees of small and medium businesses most frequently access while working. These include YouTube, Facebook, Google services and WhatsApp, with some of these applications being the most exploited by malefactors as a springboard for phishing, researchers at Kaspersky have found.
There are several web services that employees of small and medium businesses most frequently access while working. These include YouTube, Facebook, Google services and WhatsApp, with some of these applications being the most exploited by malefactors as a springboard for phishing, researchers at Kaspersky have found. However, this list differs from the services that employers tend to limit for use on corporate devices
According to anonymized statistics of events captured in a Kaspersky product, voluntarily provided by its customers, the top five web services employees access more often from their corporate devices include a video sharing platform, a social network, a mail service and a messenger: YouTube, Facebook, Google Drive, Gmail and WhatsApp - all leading services in their respective segments.
Unfortunately, these same web services are also exploited for phishing and other malicious actions. Kaspersky analysis revealed the top five applications where phishing attempts were found most often: Facebook (4.5m phishing attempts), WhatsApp (3.7m), Amazon (3.3m), Apple (3.1m) and Netflix (2.7m).
Indraprastha Medical Corp stock hits lower circuit; Apollo Hospitals trades in green amid allegations of kidney transplant malpractices
Kisan Vikas Patra (KVP): Money gets double in 115 months; assured income, guaranteed returns, and other benefits
300% Dividend: Hindustan Zinc declares second interim dividend - Check record date and other details
Google’s offerings bundled together, including YouTube, Gmail and Google Drive, took sixth position with 1.5m phishing attempts. With the two lists sharing many of the services, these results only confirm the trend that popular applications have become valuable platforms for fraudsters’ malicious actions.
How to stay safe?
Kaspersky suggests that businesses should follow these steps to ensure their employees use web services safely and securely:
·Show employees how to recognize fake or insecure websites and phishing messages. Encourage them to never enter their credentials before checking a website’s credibility, or open and download files from unknown senders.
·Conduct basic security awareness training for your employees. This can be done online and should cover essential practices including those that protect against phishing, such as account and password management, email security, endpoint security and web browsing.
·Adopt a proven endpoint security product with web, network and mail threat protection.
·It is also important to enhance IT managers’ expertise on relevant cyberthreats and how to prevent them.