Malice in the message: Phishing in messenger apps
Anonymised data, voluntarily provided by Kaspersky Internet Security for Android users, has shown which messenger apps are the most popular among phishing scammers. The biggest share of detected malicious links between December 2020 and May 2021 was sent via WhatsApp (89.6%), followed by Telegram (5.6%). Viber is in third place with a share of 4.7% and Hangouts has less than 1%. Countries experiencing the highest number of phishing attacks were Russia (46%), Brazil (15%) and India (7%). Globally, 480 detections were recorded per day.
According to the research, messenger apps outstripped social networks by 20% in 2020, in terms of popularity among users, and became the most popular tool for communication. Survey results also show that in 2020, the global audience for messengers amounted to 2.7 billion people, and by 2023 it is expected to grow to 3.1 billion. That is almost 40% of the world’s population.
Kaspersky Internet Security for Android has added a new feature, Safe Messaging, which prevents users from opening malicious links that they receive in messenger apps (WhatsApp, Viber, Telegram, Hangouts) and through SMS. As a result, Kaspersky analysed anonymised clicks on phishing links across messenger apps and found that between December 2020 and May 2021, 91,242 detections were recorded globally. According to the statistics, Kaspersky Internet Security for Android detected the biggest number of malicious links in WhatsApp, partly due to the fact that it is the most popular messenger globally. The biggest share of such messages was detected in Russia (42%), Brazil (17%) and India (7%).
“Statistics show that phishing in instant messenger apps is still one of the most popular tools among scammers. This is partly due to the wide popularity of these apps among the audience, as well as the ability to use the built-in functionality of applications to carry out attacks. Sometimes it can be difficult to determine whether an attack is phishing, as the difference can be just one character or a minor mistake. Vigilance combined with anti-phishing technologies form a reliable tool in the fight against phishing in messenger apps,” says Tatyana Shcherbakova, senior web content analyst at Kaspersky.