SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Nearly half of Aussies can’t identify fake NAB website - survey
Mon, 2nd Dec 2019

Online security company Avast has conducted a survey which positioned a true image of the National Australia Bank (NAB) website alongside a screenshot of a real-world phishing version of the page.

Respondents were then asked which version they thought was real.

Almost half (46.4%) chose the phishing version, while 53.6% chose the screenshot of the real login page.

Additionally, Avast asked respondents if they have fallen victim to a phishing scam themselves, with 15.3% admitting that they had, 67.2% saying that they had not, and a further 17.4% unsure.

Of those 15% who had fallen for phishing scams in the past:

  • 61.3% had been a victim of email phishing
  • 31.3% had visited a phishing website
  • 21.3% had fallen for SMS phishing
  • 32.5% had fallen for telephone phishing

The research indicates that many of these victims had fallen victim to more than one attack.

“Phishing continues to be one of the leading attack methods because it allows cybercriminals to target people at scale using social engineering, which is a tactic used to trick people into carrying out certain actions.

“Cybercriminals use social engineering to take advantage of typical human behaviour, as it is easier to trick a person than to hack into a system,” says Avast threat intelligence director Michal Salat.

“Phishing can come in many forms, including over the phone, via messages such as SMS, and even in person. However, the most common form of phishing is online, via phishing links. Phishing links leading to malicious websites can be delivered in emails that appear to come from legitimate sources.

“They can also be attached to messages sent on social networking sites and apps, like Facebook and WhatsApp, and they can even misleadingly appear in search engine results.”

Tips to avoid phishing

●    Install an antivirus solution on all devices, whether PC, mobile, or Mac. Antivirus software acts as a safety net, protecting online users.

●    Do not click on links or download files from suspicious emails. Avoid replying to them, as well, even if they allegedly came from someone trusted. Instead, contact those entities through a separate channel and ensure that the message actually came from them.

●    Directly enter a website's URL into the browser whenever possible, to visit the intended site, rather than a phony version.

●    Do not solely rely on the green HTTPS padlock in the browser URL bar. While this signifies that the connection is encrypted, the site could still be fake. According to Avast data, six out of ten phishing sites are encrypted to further deceive users, so it's important to double-check that the site visited is the real deal.

Survey conducted online, among 1045 Avast users in Australia from November 13 to November 20, 2019.