The Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany’s cybersecurity agency, found that phishing attacks and data leaks were the most significant digital threats in 2024 for consumers.
In its yearly review, the BSI says it received over 17,000 reports last year, primarily related to cybercrime such as phishing, online fraud, account abuse, and unauthorized access.
According to the cybersecurity agency, scammers used to focus their phishing attacks heavily on the financial sector. Nowadays, they try to mimic brands from diverse sectors, including banking, logistics, e-commerce, streaming services, and even government agencies.
To make their scams harder to detect, attackers utilize the power of artificial intelligence (AI) to generate convincing phishing emails and websites. For example, in September 2024, scammers launched a phishing campaign in which they falsely used the BSI’s name and reputation to urge recipients to install fake antivirus software.
Consumers told the BSI they had trouble identifying scams and protecting their online accounts, causing them to fall victim to phishing scams and fraudulent websites.
In addition, more households own smart home and Internet of Things (IoT) devices. These gadgets generally have poor security by default, making them vulnerable to security threats. The BSI found over 30,000 infected IoT devices with pre-installed malware.
A survey showed that only 42% of consumers knew that smart devices could be infected with malicious software. And less than 50% were aware that these devices could be hacked. One in three consumers (34%) took security precautions by changing the default password for their smart home account.
Germany’s cybersecurity agency encourages consumers to use a password manager to create stronger passwords and implement two-factor authentication (2FA) to protect their online accounts.
To minimize their vulnerability, consumers ought to better secure their smart home devices by regularly updating their hardware and using strong and unique passwords for every device.
Additionally, companies should communicate more openly about possible security risks and offer easy-to-implement security solutions. Lastly, businesses and organizations that offer critical services should entrust stronger security standards and mandatory 2FA.
Your email address will not be published. Required fields are markedmarked