South Africa, Kenya, Ghana top 2024 Africa’s malware attacks

Francis Kokutse, in Accra, Ghana 

Francis Kokutse is a journalist based in Accra and writes for Associated Press (AP), University World News, as well as Science and Development.Net. He was a Staff Writer of African Concord and Africa Economic Digest in London, UK. 

Modern technology has become a necessary tool for our everyday living to improve lives and bring about development. Unfortunately, these same tools carry bitter prices that we have to pay daily. One of such tools is the internet which is turning to be a serious pain to users, and a recent research by the cybersecurity company, NordVPN, has revealed that over 32 million malware attacks through the internet were recorded in South Africa last year. Kenya followed in second place with 23 million, and Ghana with 12 million in the third place.

What these malware attacks mean to companies and individuals who are affected, is so immense. Some of these companies might have lost thousands, if not millions. Unlike the individuals, some of these companies will be able to come out strong since they may have the finance to rebuild their systems. Some individuals have been doomed.

Truth be told, these malwares, which are described as any malicious software designed to harm computers, networks, or data are destructive and these  include viruses, worms, Trojans, spyware, adware, and ransomware.

They are  created with the intention to cause harm, steal data, or disrupt systems. The common types are those that are spread by being attached to files or programmes. They also come in the form of worms that can self-replicate and spread through networks without needing a host file.

There are also the trojans that are disguised as legitimate software to trick users into installing them. In addition, the spyware secretly monitors user activity and collects data without their knowledge. Most computer users may notice some adverts appearing on their screens, some of these are adwares that display unwanted advertisements. Those who are unfortunate, may receive ransomware which encrypts a victim’s files and demands a ransom for their release.

All these are spread through various methods, including malicious emails or phishing, downloading infected files, visiting compromised websites, and they are dangerous because they can lead to data theft, system crashes, financial loss and identity theft.

Following their research, NordVPN, has asked internet users to be extra careful when clicking links, seemingly sent by Big Tech companies – there’s quite a big chance it might be a deliberately misspelled phishing link. Data shows that Google, Facebook, and Microsoft are the top three brands most likely to be impersonated for credential harvesting.

NordVPN is the world’s most advanced VPN service provider, used by millions of internet users worldwide. It  provides double VPN encryption and Onion Over VPN and guarantees privacy with zero tracking. One of the key features of the product is Threat Protection, which blocks malicious websites, malware during downloads, trackers, and ads. The latest service by the Nord Security team is Saily — a new global eSIM.

The company arrived at the statistics on the three countries by analyzing aggregated data it gathered through its Threat Protection Pro service from January 1, 2024 to January 1, 2025.

Adrianus Warmenhoven, a cybersecurity advisor at NordVPN, said the “majority of all phishing attacks use around 300 brand names for deception. The brands themselves are not at fault – such fakes hurt their reputation as well, forcing companies to actively hunt them down. High brand awareness can lull victims into a false sense of security and get them to lower their guard.”  

The same research last year, said  there were almost 85,000 fake URLs that impersonated Google websites and services. With more than 6,000 fake URLs online, Facebook took second place as the scammers’ favourite. Microsoft is in third place, with almost 5,000 fake URLs. Fake AT&T, Yahoo!, and Netflix links should be evaluated more carefully as well. In each of those cases there were around 4,000 fake URLs online.

Data analysed by NordVPN suggest  internet users  also stay away from free video hosting sites (yes, that includes anime hosting websites) and a few other categories. Throughout 2024, NordVPN’s Threat Protection Pro feature blocked more than 1.5 billion malware infection attempts on video hosting sites.

Other domain categories with the most malware are: entertainment (almost 1 billion malware blocked) and sports (124 million). Just a little behind are adult content sites (109 million malware blocked) and file sharing and storage websites (almost 74 million).

“Free video hosting sites in particular, tend to contain a variety of security and privacy threats. Not only malware, but intrusive ads and trackers as well. Over the past year, Threat Protection Pro blocked almost 7 billion ads and more than 119 billion trackers on video hosting sites alone. This accounts for 25% of all blocked trackers by Threat Protection Pro in 2024,” says  Warmenhoven.

He said  websites often share or sell data collected by trackers to third parties. Those who want to protect their privacy can use several tools to become less trackable, such as tracker blockers, which prevent websites and advertisers from collecting data about online activity.

“It is important to know that malware must be actively brought onto your device, such as by downloading an infected file. One of the most common ways to get infected with malware is through phishing attacks. Scammers use deceptive misspellings of popular brands (such as spelling “Amazon” as “Arnazon”) to trick victims into clicking phishing links and downloading infected files. So you should always check the spelling before clicking,”  Warmenhoven added.

Intrusive advertising refers to ads that actively interfere with your online experience. Intrusive ads aren’t content to just stay on the sidelines – they may distract you by popping up randomly while you’re scrolling, open additional browser tabs, hog bandwidth with lengthy videos, or even hijack the page you’re on. Even worse, some intrusive ads may try to infect your device or redirect you to malicious websites.

To protect oneself from common cybersecurity threats like malware, trackers, and intrusive ads,  Warmenhoven advises users to take the following precautions:

• Avoid a “free lunch.” Certain web domain categories are much more likely to host malware that could compromise your device than others. One of the most prominent categories is free video hosting sites.

• Be wary of unsolicited emails and messages. Phishing scams are one of the main methods used by criminals to steal personal and financial data. Emails promising too-good-to-be-true promotions, invitations, or gifts, are probably not true. Messages asking you to update your data or just click on a link may also be versions of phishing.

• Don’t get scared and check the links. Cybercriminals prey on confusion and ignorance. They try to scare people, hoping that victims will act on emotion. Don’t do that. Try not to click on links that try to scare you or promise you riches – check the spelling first.

• Verify downloads. Malware executables may be disguised as or hidden in legitimate files. Always verify the website you want to download from, and always use anti-malware tools like Threat Protection Pro to inspect the files you download.

• Limit data exposure. Information such as location, full name, and other personal details can be used by criminals for scams and cyberattacks. Adjust your privacy settings and avoid sharing sensitive data publicly, such as on social networks. 

• Keep your devices updated. Outdated software is an easy target for cyberattacks. Make sure to keep your operating system, applications, and antivirus software up to date to fix vulnerabilities and ensure greater protection.

Hopefully, companies and individuals across Africa will find some wisdom in the words of Warmenhoven, to take the necessary precaution. Otherwise, they will be opening themselves up to malwares.

• business a.m. commits to publishing a diversity of views, opinions and comments. It, therefore, welcomes your reaction to this and any of our articles via email: comment@businessamlive.com