Kenya is listed among the top three countries in Africa that recorded increased attacks related to data loss threats (phishing and scams/social engineering) in the first quarter of 2022, in a new report by Kaspersky, a cybersecurity company.

According to Kaspersky, it detected 10,722,886 phishing attacks in Africa in Q2, a significant increase in comparison with the previous quarter. Kenya, South Africa and Nigeria were the most affected according to the report.

“Kenyan users were influenced the most by this type of threat: there were 5,098,534 phishing attacks detected in 3 months – a growth of 438% when compared to the previous quarter. It was followed by South Africa (4,578,216 detections and a growth of 144%) and Nigeria (1,046,136 detections and a growth of 174%),” the report says.

Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers while social engineering uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.

Kaspersky notes that scamming activities around travel have been on the rise as international travel resumes post the 2020 covid-19 pandemic, with numerous phishing pages distributed under the guise of airline and booking services.

“…..with intensified scamming activity targeting users through fake booking and rental services. Such attacks are totally preventable, which is why we urge users to be skeptical about overly generous offers. If an offer seems too good to be true, it probably is,” said Mikhail Sytnik, security expert at Kaspersky.

The company recommends the following measures to keep yourself protected from phishing and scams:

• Carefully look at the address bar before entering any sensitive information, such as your login details and password. If something is wrong with the URL (i.e., spelling, it doesn’t look like the original or it uses some special symbols instead of letters) don’t enter anything on the site. If in doubt, check the certificate of the site by clicking on the lock icon to the left of the URL.
• Not clicking on links that come from unknown sources (either through e-mails, messaging apps or social networks).
• Visiting the business’ official website if you see a giveaway offered in e-mail or on social media by a travel company or an airline to confirm the giveaway exists. You should also carefully check the links the giveaway ad leads you to.
• Using a good security solution that can protect you from spam emails and phishing attacks.