Recent research by the cybersecurity company, Kaspersky, has shown that 61.6% of the total 161,600 financial malware attacks in 2021 in Egypt targeted corporate employees.
The company’s research also showed that the total number of such attacks decreased in the first half (H1) of 2021, compared to the same period of 2020, which Kaspersky experts considered “alarming”.
Oleg Kobrev, a security researcher at Kaspersky, said that cybercriminals continued their efforts to exploit the conditions created by the novel coronavirus (COVID-19) pandemic to their advantage. Meanwhile, local companies continued to strive to adapt to remote work scenarios and pandemic conditions.
“When we look at these statistics, we see the keenness of cybercriminals to target overly reassuring corporate employees in Egypt, as a way to infiltrate corporate systems,” Kobrev said.
Companies in Egypt have become vulnerable to financial malware attacks as more employees are working outside the relative security offered by corporate networks. This has made protecting the work devices of employees who need them to access corporate systems to perform their jobs becoming increasingly important, as working online is normalised.
Training employees in digital security, along with the need to secure these devices, is a key component of protecting against the growing dangers of financial malware that uses phishing tactics to target individual users.
“Financial phishing in particular is one of the most used tools by cybercriminals to make money, as it does not require much investment or technical expertise and can be employed quickly,” Kobrev said, “Successful scammers, in most cases, gain access to either the victim’s money or data that can be sold.”
The best practices that should be resorted to, in this aspect, include ensuring that employees only install applications from trusted sources, such as official application stores.
They must always, however, check the permissions requested by the app. If it does not match the functionality of the application, it should be investigated and brought to the attention of the IT administrator.
As a result, businesses and individual users alike must install reliable security solutions on all devices connected to the Internet, to protect them from a range of cyber-financial threats.
It remains important to ensure that the latest security patches and updates are installed on all software.
Companies should also consider using advanced persistent threat countering technologies and endpoint threat detection, alongside response solutions to enhance the defensive posture of enterprise networked environments.