In terms of phishing attacks, Saudi Arabia is ranked first globally and the UAE tenth. Image Credit: Pixabay

Dubai: Cybercrime activity in the UAE increased drastically last year due to the rise in email malware and phishing attacks.

According to Symantec’s annual internet Security Threat Report Volume 24, Iran is ranked the highest in terms of cybercrime activity in the Middle East in 2018, followed by Egypt, Saudi Arabia and Algeria.

The UAE was ranked eighth last year compared to ninth in 2017 and tenth in 2016. Higher the ranking means worse the situation in that country is.

Bashar Bashaireh, general manager and regional director at Symantec, told Gulf News that email malware attacks in the UAE have doubled more than the global average and phishing levels remained unusually high.

According to the report, one in 183 emails in the UAE included a malicious attachment or link, whereas the global average was one in 412 emails, while phishing levels have declined globally, dropping from one in 2,995 emails in 2017 to one in 3,207 emails in 2018. In the UAE, one in 2,312 emails was compromised last year.

Image Credit: Gulf News

The UAE is ranked tenth globally in terms of malicious email attacks while Saudi Arabia is ranked first and Oman is ranked seventh in the GCC.

In terms of phishing attacks, Saudi Arabia is ranked first globally and the UAE tenth.

Bashaireh said that transportation and public utilities sectors received more malicious emails than other sectors whereas the local service industry was impacted by phishing activities.

According to the report, the US remains the highest in terms of criminal activity globally, followed by China, India and Brazil.

Even though ransomware and cryptojacking declined last year globally, Bashaireh said that bad actors are doubling down on alternative methods, such as formjacking, to make money.

On average, he said that more than 4,800 unique websites were compromised with formjacking code every month.

Symantec blocked more than 3.7 million formjacking attacks globally in 2018 — which included computers, laptops, Macs and mobile devices — with nearly a third of all detections occurring during the busiest online shopping period of the year — November and December — and criminals collected tens of millions of dollars last year.

In the UAE, he said that one in 344 formjacking attacks were blocked last year but did not say how many websites were compromised.

“The surge in formjacking attacks shows how the supply chain can be a weak point for online retailers and e-commerce sites. Many of the formjacking attacks were the result of the attackers compromising third-party services commonly used by online retailers, such as chatbots or customer review widgets,” he said.

Bashaireh said that there was a 52 per cent drop in cryptojacking and it is due to the 90 per cent drop in crypto currency (Monero) value last year and in turn which reduced the profitability for hackers.

However, he said that cryptojacking continues to hold appeal with attackers due to the low barrier of entry, minimal overhead and anonymity it offers.

Monero trades now at $53.27 after hitting a high of $419.71 in January 2018.

Even though ransomware decreased last year on the consumer side, enterprise detections increased by 12 per cent, which demonstrates that ransomware continues to be a problem for enterprises.

For the first time since 2013, he said that ransomware infections dropped by 20 per cent in 2018 but formjacking is expected to increase this year.

What is cryptojacking and formjacking?

■ Cyber criminals harness stolen processing power and cloud CPU usage from consumers and enterprises to mine cryptocurrency.

■ Cryptocurrencies like Monero, Ethereum, Ethereum Classic and Dash can be mined using GPU (graphics processing unit) hardware found in many home computers while Monero and Verium Reserve can be more suited to CPU mining.

■ Formjacking attacks are essentially virtual ATM skimming where cybercriminals inject malicious code into retailers’ websites to steal shoppers’ payment card details.

■ It is difficult for a consumer to know an infected online website of a retailer and it is better to visit only trusted websites and have a comprehensive security solution on mobile phones and laptops.