Cyber fraud accounts for more than 55% of all cybercrime for organizations
COVID-19 has highlighted the importance of digital medicine. As the outbreak unfolded, dozens of apps for detecting depression and providing counselling became available. Additionally, hospitals and government agencies across the globe deployed variations of the Healthcare Bot service. Instead of waiting on hold with a call centre or risking a trip to the emergency room, people concerned about symptoms such as coughing and fever could chat with a bot, which used natural language processing to ask about symptoms and, based on AI analyses, could describe possible causes or begin a telemedicine session for assessment by a physician. At the same time, the e-commerce industry has become the sector most targeted by phishing attacks that use domains that look legitimate. In Q3 2020, the sector accounted for 35% of all attacks that use this technique.
This may be a result of the pandemic, as there has been a massive shift of consumers towards online services and shopping. Half (50%) of fake domains are only used once and 73% are active for just one day, which makes them very difficult to detect. Automated multi-layered analysis is able to detect such attacks without compiling domain lists manually. The lookalike technique means phishing emails are sent from a domain that looks like a legitimate web address, but in fact may have a minor spelling error (such as a missing letter). In many cases, a recipient is unlikely to notice the mistake. For example, fraudsters will change @netflix.com to @netffix.com or use @kapersky.com instead of @kaspersky.com. Messages from lookalike domains pass authentication without any problems, have a cryptographic signature and do not arouse the suspicion of anti-spam systems.
At the same time, Kaspersky’s research has revealed which industries most often suffer from attacks with lookalike domains. The traditional method of detecting lookalikes is to manually enter all possible variants of fake domains into an anti-phishing solution, which is time-consuming and not always effective, as some variants may still be missing from the list.
In the India region, the average monthly mobile data usage per smartphone continues to show robust growth, boosted by the rapid adoption of 4G and people working from home during COVID-19. People's reliance on their mobile networks to stay connected and to work from home has contributed to the average traffic per smartphone user increasing from 13.5GB per month in 2019 to 15.7GB per month in 2020. At the same time, in the rapidly evolving digital age, governments, businesses, and consumers are increasingly faced with a variety of sophisticated cyber threats.
An increase in phishing attacks, account takeover fraud, and more has focused firms’ efforts on doubling down on security and pre-emptive measures, but it remains a stiff challenge to implement such measures without adding cumbersome friction into the mix, damaging the end-user experience and taxing limited security resources and staff.
The technology that is more effective against phishing with lookalike domains includes several stages of analysis, helping to identify the fake by comparing a suspicious domain to legitimate ones, rather than to a list of fake ones. During the first stage, the system compares the domain with all known lookalikes. If there are no matches, in the second stage, the system reviews information about the domain, such as registration details or certificates. If something looks suspicious, the investigation continues. In the third stage, the domain is compared with the list of known legitimate web addresses. This list is also composed automatically. If the system finds any similarity between the suspicious domain and a legitimate one, the verdict is ‘lookalike’.
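The three stages described above can be sketched as follows. This is an added example, not code from Kaspersky or from the article; the edit-distance similarity measure, the 30-day and new-certificate thresholds, the `DomainInfo` fields and the sample lists are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample lists; a real system would build these automatically.
KNOWN_LOOKALIKES = {"netffix.com": "netflix.com"}
LEGITIMATE = {"netflix.com", "kaspersky.com"}

@dataclass
class DomainInfo:
    """Hypothetical metadata, e.g. taken from registration and certificate data."""
    age_days: int
    cert_is_new: bool

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert, delete, substitute), computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def looks_suspicious(info: DomainInfo) -> bool:
    """Stage 2 heuristic (assumed thresholds): young domain or fresh certificate."""
    return info.age_days < 30 or info.cert_is_new

def classify(domain: str, info: DomainInfo, max_distance: int = 2):
    """Return (verdict, imitated legitimate domain or None)."""
    domain = domain.lower().rstrip(".")
    if domain in LEGITIMATE:
        return ("legitimate", domain)
    # Stage 1: compare with already-known lookalikes.
    if domain in KNOWN_LOOKALIKES:
        return ("lookalike", KNOWN_LOOKALIKES[domain])
    # Stage 2: continue only if the domain's metadata looks suspicious.
    if not looks_suspicious(info):
        return ("clean", None)
    # Stage 3: compare with the legitimate list, not with a list of fakes.
    for legit in sorted(LEGITIMATE):
        if 0 < edit_distance(domain, legit) <= max_distance:
            return ("lookalike", legit)
    return ("suspicious", None)

if __name__ == "__main__":
    print(classify("kapersky.com", DomainInfo(age_days=1, cert_is_new=True)))
```

Because stage 3 measures distance to the legitimate names, a single-use fake domain that has never appeared on any blocklist is still caught on first sight.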
Dr. Deepak Kumar Sahu, Chief editor, VARINDIA