Phishing in 2021: top 10 most popular cybercrime schemes

Father
Vaccination, tourism, cryptocurrency investments, major sports events, movie news and subscriptions to popular services are among the topics most actively exploited in phishing attacks, according to Positive Technologies. Our analysts' selection below shows which cyber fraud schemes became the most popular in 2021.

Practical recommendations and the likely vectors of future attacks are at the end of the article.

The coronavirus theme is still trending

In 2020 attackers mostly sent mailings with news about the coronavirus, treatment methods and plans for returning from remote work; in 2021 the topics of vaccination and obtaining QR codes took center stage.

A particularly effective scenario was employee vaccination surveys sent supposedly on behalf of the HR department. In Positive Technologies' user awareness assessment projects in 2021, an average of 65% of employees clicked links in such emails, and 48% entered their corporate credentials into a fake authentication form.

The attackers also sent fake vaccination surveys on behalf of pharmaceutical companies and clinics.

Obtaining fake QR codes and vaccination certificates is another popular way of deceiving Russians; it appeared after certain benefits were introduced for vaccinated citizens. For example, in the fall of 2021, as the COVID-19 situation worsened, dozens of fake public-services sites were found online asking visitors to enter their personal data for "code generation".

Congratulations, you have received an award!

Phishing emails often look like ordinary messages from partners or colleagues (for example, from the HR department or technical support) or like notifications from services and work tools (for example, reminders from Microsoft). According to Positive Technologies' user awareness assessments, in 2021 users most often fell for lures about changes in bonus payments and wages (on average, 28% of employees opened fake corporate emails on this subject), updates to the benefits package or voluntary health insurance (VHI) programs (54% opened them), and changes in the terms of banking services (59% launched the attachment).

As a rule, the files attached to such emails carry malware, which can lead to unacceptable consequences for the organization.

New movies and the most anticipated TV shows

During high-profile premieres, scammers are more successful at stealing account and bank card data from users of streaming services such as Netflix. To do so, they create twin sites of popular online movie theaters. Such phishing sites sometimes ask viewers to sign up for a new subscription or renew the current one; after the "payment", the card details stay with the attackers. This technique was used, for example, during the release of the reunion special of the cult TV series Friends.

After the release of the South Korean series Squid Game, which became hugely popular from its first episode and an Internet phenomenon last year, attackers created fake online stores selling themed merchandise, distributed malware disguised as mobile games based on the show, and even printed cards modeled on those from the series, carrying QR codes that led to scam resources.

Sports scams

Scammers do not pass over major sporting events either. In 2021, they exploited the Tokyo Olympic Games and the European Football Championship in phishing attacks. In addition to fake mailings, fake ticket sales sites were set up for the latter.

Interestingly, mass mailings about the 2022 FIFA World Cup appeared in 2021, a year before the championship. Recipients were mostly invited to bid for the supply of goods or services for the event.

Promises of benefits and compensation to fraud victims

In 2021, many fake resources imitating the websites of well-known banks were blocked. Trading on the reputation of popular brands, attackers lure users with promises of various payments, such as compensation for victims of fraud, offer bonuses for completing surveys or loans on favorable terms, and ask them to enter credentials to log in to their personal account.

Criminals also often send emails about problems with mobile banking. Fraudsters skillfully play on people's fear of losing their savings, warning that unless the issue is resolved urgently the money is gone. In the resulting panic, users often miss suspicious inconsistencies in the message, such as an incorrect sender address.

Parcel notifications

Another popular phishing scenario is fake emails from delivery services. The recipient is asked to pay a small amount, such as a customs duty or a delivery fee. A user who falls for it risks not only losing money but also compromising their personal data.

Another common trick is to get users to check the delivery status of a parcel by clicking a link in a phishing email. As a rule, such links lead to fraudulent resources.
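The twin sites, lookalike domains and "check your parcel" links described in this section and in the streaming section above are something a mail gateway or an analyst can screen for mechanically. The following is an added example and not code from the Positive Technologies article: it parses the HTML body of a message, extracts every link, and flags lookalike domains (homoglyphs, one-character typos, a brand name embedded in an unrelated domain) as well as links whose visible text shows one domain while the href points to another. The trusted domain list, the confusable-character table and the sample lure are assumptions constructed for illustration.

```python
"""Flag lookalike domains and text/href mismatches in an email's HTML body.
Added example (not from the article); TRUSTED_DOMAINS, CONFUSABLES and
SAMPLE_HTML are constructed assumptions."""
import re
import unicodedata
from html.parser import HTMLParser
from urllib.parse import urlparse

# Domains the recipient really does business with (assumed allow-list).
TRUSTED_DOMAINS = {"netflix.com", "dhl.com", "microsoft.com"}

# Characters that render like Latin letters: digits used as letters plus a few
# Cyrillic look-alikes. Assumed subset, not the full Unicode confusables table.
CONFUSABLES = {
    "0": "o", "1": "l", "3": "e", "5": "s",
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0443": "y", "\u0445": "x", "\u0456": "i",
}

# A bare domain or URL appearing inside the visible link text.
DOMAIN_IN_TEXT = re.compile(r"(?:https?://)?((?:[\w-]+\.)+[a-z]{2,})(?=[/\s]|$)", re.I)


def skeleton(domain):
    """Normalize a domain so visually identical strings compare equal."""
    d = unicodedata.normalize("NFKD", domain.lower())
    d = "".join(ch for ch in d if not unicodedata.combining(ch))
    d = "".join(CONFUSABLES.get(ch, ch) for ch in d)
    return d.replace("rn", "m").replace("vv", "w")


def levenshtein(a, b):
    """Edit distance; one typo away from a trusted brand is suspicious."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_domain(host):
    """Crude eTLD+1 (last two labels); enough for .com-style TLDs (assumption)."""
    return ".".join(host.lower().split(".")[-2:])


def decode_idn(host):
    """Turn punycode labels (xn--...) back into Unicode so confusables are visible."""
    if "xn--" not in host:
        return host
    try:
        return host.encode("ascii").decode("idna")
    except UnicodeError:
        return host


def lookalike_of(domain, trusted=TRUSTED_DOMAINS):
    """Return the trusted domain this one imitates, or None if unrelated."""
    if domain in trusted:
        return None
    sk = skeleton(domain)
    for t in sorted(trusted):
        tsk = skeleton(t)
        brand = tsk.split(".")[0]
        if sk == tsk or levenshtein(sk, tsk) <= 1:
            return t  # e.g. netfIix.com, netfl<cyrillic i>x.com
        if len(brand) >= 5 and brand in sk.split(".")[0]:
            return t  # e.g. netflix-billing.com
    return None


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> tag."""
    def __init__(self):
        super().__init__()
        self.links, self._current = [], None

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._current = [dict(attrs).get("href") or "", ""]

    def handle_data(self, data):
        if self._current is not None:
            self._current[1] += data

    def handle_endtag(self, tag):
        if tag == "a" and self._current is not None:
            self.links.append(tuple(self._current))
            self._current = None


def analyze_links(html, trusted=TRUSTED_DOMAINS):
    """One record per link with the reasons it looks suspicious (empty list = clean)."""
    parser = LinkExtractor()
    parser.feed(html)
    results = []
    for href, text in parser.links:
        parsed = urlparse(href.strip())
        host = decode_idn(parsed.hostname or "")
        domain = registrable_domain(host)
        flags = []
        if parsed.scheme not in ("http", "https"):
            flags.append(f"non-web scheme {parsed.scheme!r}")
        if any(ord(ch) > 127 for ch in host):
            flags.append("non-ASCII characters in hostname")
        target = lookalike_of(domain, trusted)
        if target:
            flags.append(f"lookalike of {target}")
        shown = DOMAIN_IN_TEXT.search(text)
        if shown and registrable_domain(shown.group(1)) != domain:
            flags.append(f"link text shows {registrable_domain(shown.group(1))} but href goes to {domain}")
        results.append({"href": href, "domain": domain, "flags": flags})
    return results


# Constructed sample body: a fake "your payment failed" streaming lure.
SAMPLE_HTML = """
<p>Your payment failed. Renew now to keep watching.</p>
<a href="https://netfIix.com/renew">https://www.netflix.com/account</a>
<a href="https://www.netflix-billing.com/login">Update payment method</a>
<a href="https://www.netflix.com/help">Help center</a>
<a href="https://netfl\u0456x.com/">netflix.com</a>
"""

if __name__ == "__main__":
    for rec in analyze_links(SAMPLE_HTML):
        print(rec["href"], "->", "; ".join(rec["flags"]) or "ok")
```

Two limitations worth knowing before using this for anything but triage: the eTLD+1 logic is deliberately crude (it takes the last two labels, so co.uk-style suffixes need a public suffix list), and the confusables table is a small subset, so a clean result means "nothing obvious", not "safe".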

Example of a phishing email sent on behalf of a well-known email service:
[image of the phishing email, not reproduced here]


A ticket to nowhere

Scammers have long been interested in vacations and travel. They create fake emails and websites offering to book tours, hotel rooms, and air and train tickets, usually luring people to malicious resources with lucrative promotions and discounts. For example, this year the Turkish Ministry of Commerce warned Russian tourists about fake hotel promotions. Once again, the attackers are after the victims' money and personal data.

Fake dates

With the mass shift to online dating, people increasingly use dating apps. For scammers this is almost a gold mine: using fake profiles, they arrange fake dates with victims, ask them to pay online for a joint trip to the cinema, or drop a link to their profile on another social network. Naturally, the ticket money and the social network credentials go to the attackers.

Subscriptions to services

Today people subscribe to a variety of services: apps for listening to music and watching movies, streaming and cloud platforms. In another fraudulent scheme, users are sent emails about registering for or renewing subscriptions to such platforms. From there the attack can develop in different ways.

One interesting scenario we described recently: the victim received an email saying the trial period was over and that money for the subscription would now start being charged. To cancel the subscription, the victim had to call a specific phone number. Besides phishing emails, this campaign used an unusual technique: fake call centers. After calling the number, the user, following the operator's instructions, downloaded a malicious file to their device.

Oil, Gas and Bitcoin

Investing is becoming increasingly popular among ordinary people, most of whom are unfamiliar with the rules of information security, and scammers do not miss the chance to exploit the trend.

They create fake websites mimicking the resources of well-known companies and then offer users a chance to earn money on, for example, cryptocurrency, oil and gas. To get at the money, criminals even build entire investment platforms where a certain amount must be deposited before trading can start.

There have also been cases where scammers, posing as a well-known bank, offered payouts to investors. To receive them, the victim once again had to fill out a short application and then provide bank card details "to verify the account".

Social engineering in numbers

Social engineering has become a favorite technique of cyber scammers. The share of such attacks on individuals reached 83% in the third quarter of 2021, compared with 67% in the same quarter a year earlier. By our estimates, phishing remains one of the main attack methods, and it is the second most common cause of data breaches: according to IBM, a successful phishing attack costs enterprises an average of $4.65 million.

What 2022 will bring

Most of these topics will remain relevant in 2022. Attackers adapt phishing campaigns to high-profile events and news hooks, updating only the details of the schemes from year to year.

The volume of attacks using social engineering will certainly grow, and their consequences may be more damaging. This year we again expect a large number of phishing attacks tied to major events, including mass mailings about the World Cup or the Winter Olympic Games.

Attacks on streaming service users will increase with the release of new movies and TV shows. For example, a series based on the works of J. R. R. Tolkien, awaited by fans around the world, is due to premiere in 2022.


And on the eve of the release of the digital ruble prototype, a boom in fraudulent sites selling the digital currency is expected. With investing growing in popularity among individuals, social engineering fraud in this area will keep strengthening. The potential victims are private investors, whom attackers will persistently approach posing as fellow investors, authors of training courses and operators of fake investment platforms (as is already happening now).

Phishing to order, at a low price

We predict further development and spread of the Phishing-as-a-Service model. In short, it rests on cooperation between attackers: the buying and selling of ready-made components such as fraudulent sites or malicious scripts.

How not to fall for the scammers' bait

To avoid becoming a victim of phishers, Positive Technologies experts recommend following a few simple information security rules:
  • always check the sender's address;
  • don't click suspicious links;
  • verify that a resource is legitimate before entering account or payment details;
  • book hotels and tickets only on verified sites (the same applies to signing up for services).
Checking received files with specialized tools will also help you avoid malware infection. In a corporate environment, we recommend using sandboxes.
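The checklist above ("always check the sender's address", check received files before opening them) can be turned into a first-pass triage of a raw message. The following added example is not code from the article or from Positive Technologies: using only the Python standard library, it compares the domain shown in the From display name with the real From, Reply-To and Return-Path domains, reads the receiving server's SPF/DKIM/DMARC verdicts from Authentication-Results, and inspects attachments for double extensions, macro-capable Office formats and executable magic bytes, returning a SHA-256 for sandbox submission. The sample message (an HR "vaccination survey" lure), the extension lists and the wording of the findings are constructed assumptions.

```python
"""Triage a raw email for sender inconsistencies and risky attachments.
Added example (not from the article); SAMPLE_EMAIL, the extension lists and
the finding texts are constructed assumptions."""
import email
import hashlib
import re
from email.utils import parseaddr

# File types a gateway should never pass through unexamined (assumed list).
RISKY_EXTENSIONS = {"exe", "scr", "js", "vbs", "hta", "lnk", "bat", "cmd", "ps1", "iso", "img"}
MACRO_EXTENSIONS = {"doc", "xls", "docm", "xlsm", "pptm"}  # macro-capable Office formats


def domain_of(header_value):
    """Lowercased domain of the first address in a header value, or '' if none."""
    return parseaddr(header_value)[1].rpartition("@")[2].lower()


def check_sender(msg):
    """Compare the addresses a reader sees with the ones the mail actually uses."""
    findings = []
    from_name, from_addr = parseaddr(msg.get("From", ""))
    from_dom = from_addr.rpartition("@")[2].lower()
    # Display name that itself contains an address at a different domain.
    shown = re.search(r"[\w.+-]+@([\w.-]+)", from_name)
    if shown and shown.group(1).lower() != from_dom:
        findings.append(f"display name shows {shown.group(1).lower()} but sender is {from_dom}")
    for hdr in ("Reply-To", "Return-Path"):
        dom = domain_of(msg.get(hdr, ""))
        if dom and dom != from_dom:
            findings.append(f"{hdr} domain {dom} differs from From domain {from_dom}")
    # Receiving MTA's verdicts; anything other than pass deserves a look.
    auth = msg.get("Authentication-Results", "")
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        if m and m.group(1).lower() != "pass":
            findings.append(f"{mech}={m.group(1)}")
    return findings


def check_attachments(msg):
    """Flag executables behind double extensions, macro documents and PE magic bytes."""
    records = []
    for part in msg.walk():
        if part.get_content_disposition() != "attachment":
            continue
        name = part.get_filename() or ""
        exts = name.lower().split(".")[1:]
        data = part.get_payload(decode=True) or b""
        flags = []
        if exts and exts[-1] in RISKY_EXTENSIONS:
            kind = "double extension hiding" if len(exts) > 1 else "executable"
            flags.append(f"{kind} .{exts[-1]}")
        if exts and exts[-1] in MACRO_EXTENSIONS:
            flags.append("macro-capable Office document")
        if data.startswith(b"MZ"):  # DOS/PE header regardless of what the name claims
            flags.append("Windows executable by magic bytes")
        records.append({"name": name, "sha256": hashlib.sha256(data).hexdigest(), "flags": flags})
    return records


def triage(raw):
    """Parse a raw RFC 5322 message and return sender and attachment findings."""
    msg = email.message_from_string(raw)
    return {"sender": check_sender(msg), "attachments": check_attachments(msg)}


# Constructed sample: an "HR survey" lure. The base64 body is only the first
# bytes of a DOS/PE header (MZ...), a stand-in, not a real binary.
SAMPLE_EMAIL = """\
Return-Path: <bounce@mailer-promo.example>
Authentication-Results: mx.corp.example; spf=fail smtp.mailfrom=mailer-promo.example; dkim=none; dmarc=fail
From: "HR Department hr@corp.example" <hr-survey@corp-example.test>
Reply-To: hr-survey@freemail.example
To: employee@corp.example
Subject: Vaccination survey - action required today
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Dear colleague, please fill in the attached survey.
--b1
Content-Type: application/octet-stream; name="Survey_2021.pdf.exe"
Content-Disposition: attachment; filename="Survey_2021.pdf.exe"
Content-Transfer-Encoding: base64

TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
--b1--
"""

if __name__ == "__main__":
    result = triage(SAMPLE_EMAIL)
    for line in result["sender"]:
        print("sender:", line)
    for att in result["attachments"]:
        print("attachment:", att["name"], att["sha256"][:16], "; ".join(att["flags"]))
```

Two caveats for anyone wiring this into a gateway: Authentication-Results is only trustworthy when your own receiving MTA added it (an attacker can include one in the message), so strip inbound copies of that header before adding your own; and a mismatched Reply-To is normal for some legitimate bulk senders, so these are triage signals to weigh, not a verdict.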