NITDA Warns: Cybercriminals Use Bots, Forms To Automate Phishing

NITDA Warns: Cybercriminals Use Bots, Forms To Automate Phishing

TECH DIGEST – National information Technology Development Agency (NITDA) has alerted government agencies, businesses and citizens on new tricks deployed by cybercriminals to harvest their data.

NITDA’s mandate is to create frameworks for the planning, research, development, standardization, application, coordination, monitoring, evaluation and regulation of Information Technology practices in Nigeria.

In a tweet, the Agency explained how cybercriminals use Telegram Bots and Google Forms to automate phishing activities.

It is pronounced ‘fishing’ and that is basically what it means. It is a process where attackers deceitfully coerce or fish out the passwords and financial information from unsuspecting victims.

TechEconomy.ng recalls that during the peak of COVID-19 pandemic, Sophos Security Team exposed such scam used by cybercriminals to lure unsuspecting members of the public using fake United Nations (UN) and World Health Organisation (WHO) emails.

The scam pages look incredibly simple – and probably didn’t take the crooks more than a few minutes to put together – and visually effective.

The fake pages consist of the official, current home page of the World Health Organisation (WHO), with an unassuming popup form on top of it.

Well, NITDA alerted Nigerians on new tricks deployed by the cybercrime syndicates:

“Hackers use legitimate services such as Google Forms and Telegram Bot to obtain user data stolen during phishing attacks.

“Various ready-to-go platforms which are available on the darknet are used to manage the entire process of the phishing attack and keep financial records linked to them”.

The Agency said that such platforms are distributed under the cyber-as-a-service model, which subsequently leads to more groups conducting attacks.

“Cybercriminals mainly resort to free email services to obtain data of victims (all the info harvested on phishing websites is automatically sent) and gain access to the data of linked bank cards.

To stay safe, NITDA advised internet users should be mindful/avoid open-source software application.