Avast survey reveals nearly half of Australians at risk of falling for phishing scam
Respondents have trouble identifying real NAB website when compared to a fake
Avast (LSE: AVST), a global leader in online security products, conducted a survey which positioned a true image of the National Australia Bank (NAB) website alongside a screenshot of a real-world phishing version of the page. Respondents were then asked which version they thought was real. Almost half (46.4 percent) chose the phishing version, while 53.6 percent chose the screenshot of the real login page.
Additionally, Avast asked respondents if they have fallen victim to a phishing scam themselves, with 15.3 percent admitting that they had, 67.2 percent saying that they had not, and a further 17.4 percent unsure.
Of those 15 percent who had fallen for phishing scams in the past:
61.3 percent had been a victim of email phishing
31.3 percent had visited a phishing website
21.3 percent had fallen for smishing (SMS phishing)
32.5 percent had fallen for telephone phishing
The research indicates that many of these victims had been fallen to more than one attack.
“Phishing continues to be one of the leading attack methods because it allows cybercriminals to target people at scale, using social engineering, which is a tactic used to trick people into carrying out certain actions. Cybercriminals use social engineering to take advantage of typical human behaviour, as it is easier to trick a person than to hack into a system. In October 2019, we blocked 370,338 phishing attempts targeting 63,577 of our Australian users,” said Michal Salat, Director of Threat Intelligence at Avast. “Phishing can come in many forms, including over the phone, via messages such as SMS, and even in person. However, the most common form of phishing is online, via phishing links. Phishing links leading to malicious websites can be delivered in emails that appear to come from legitimate sources. They can also be attached to messages sent on social networking sites and apps, like Facebook and WhatsApp, and they can even misleadingly appear in search engine results.”
Tips to avoid phishing
● First and foremost, install an antivirus solution on all devices, whether PC, mobile, or Mac. Antivirus software acts as a safety net, protecting online users.
● Do not click on links or download files from suspicious emails. Avoid replying to them, as well, even if they allegedly came from someone trusted. Instead, contact those entities through a separate channel and ensure that the message actually came from them.
● Directly enter a website’s URL into the browser whenever possible, to visit the site intended site, rather than a phony version.
● Do not solely rely on the green HTTPS padlock in the browser URL bar. While this signifies that the connection is encrypted, the site could still be fake. According to Avast data, six out of ten phishing sites are encrypted to further deceive users, so it’s important to double check that the site visited is the real deal.
Survey conducted online, among 1045 Avast users in Australia from November 13 to November 20, 2019.
Avast (LSE: AVST) is a global leader in digital security products. With over 400 million users online, Avast offers products under the Avast and AVG brands that protect people from threats on the internet and the evolving IoT threat landscape. The company’s threat detection network is among the most advanced in the world, using machine learning and artificial intelligence technologies to detect and stop threats in real time. Avast digital security products for Mobile, PC or Mac are top-ranked and certified by VB100, AV-Comparatives, AV-Test, SE Labs, and others. Visit: www.avast.com.