For the fifth quarter in a row, the Great White North was ravaged by fraud-based phishing attacks, making it the most frequently targeted country by far, absorbing 66 per cent of all attacks, according to RSA’s Quarterly Fraud Report for Q1. The next most commonly targeted country, the U.S., accounted for only seven per cent.
In the first quarter of this year, RSA says it identified nearly 50,120 fraud attacks globally. Phishing remains the go-to weapon of choice for fraudsters, accounting for nearly 55 per cent of all cyberattacks observed by the Dell Technologies subsidiary. The United States continues to be the top hosting country for phishing attacks, accounting for almost 60 per cent of ISPs hosting these types of attacks, according to the report.
The increasing number of fraudsters luring in victims with fake domains that resemble legitimate websites, a rising number of which are tied to COVID-19, has led to an overall 12 per cent spike in brand abuse attacks. These types of attacks made up more than 22 per cent of all attacks in Q1.
David Masson, director of enterprise security at cybersecurity firm Darktrace, says the latest figures “don’t make us look very good,” but noted how RSA’s report doesn’t identify how successful those launched phishing attacks were.
When asked why Canada is picked on nevertheless, Masson pointed to a couple of possibilities: Canada’s proximity to the U.S., a largely English-speaking language, which means phishing attacks can be written in English and appear more legitimate, and our economic status.
“We’re a rich country,” he said, pointing to the country’s massive SMB market, the flourishing startup community and the talent that’s fostered within it. Also, Canada sits in the top 10 when it comes to per-capita income and for several years, has led the G7 in economic growth. “This will attract criminals.”
Canada’s own research efforts into the novel coronavirus have also attracted cybercriminals.
Masson says it will be interesting to see what RSA’s fraud reports show us later this year and in 2021. But, he added, it’s clear the internet is being used against us more than before due to the isolation millions of people have been exposed to and the added reliance on the internet it has led to.
Mobile woes
RSA researchers also analyzed mobile app trends related to cyberfraud. RSA defines mobile application fraud as “mobile applications using an organization’s brand without permission.”
There was a noticeable jump in the volume of fraud transactions originating in a mobile app rather than a mobile browser during Q1 2020. RSA says they doubled from 13 per cent in Q4 2019 to 26 per cent in Q1 2020. “This is the highest percentage of fraudulent transactions originating from a mobile app observed by RSA since Q2 2018,” RSA wrote in the report.