1st of April joke or a cyberattack – Kaspersky's tips to avoid both
A recent survey* by Kaspersky has showed that 56% of employees and business owners using computers in the UAE region faced a situation when colleagues (29.3%), friends or relatives (26.8%) made jokes with their unlocked computer.
These jokes included sending funny messages or emails on behalf of the accounts' owner, placing a screenshot of the desktop as a desktop background, and leaving unexpected pictures, notes, or photos in the files. At the same time just less than 1.3% of the survey respondents admitted to making such jokes themselves.
Similar tricks are also used by cyber attackers. For example, a phishing website may open in a new window in full-screen mode, so that the original browser bar with the phishing URL becomes invisible. Instead, the attackers replace it with an image of the browser bar with the official link of some well-known organisation. This image may display various messages (both visual and audio), such as warnings that the computer has been blocked and a fine must be paid. If the user does not know how to exit full-screen mode in the browser, they may think their computer is really locked. To escape such a trap, users can press F11 or Alt+F4 on Windows, or Cmd+Ctrl+F on a Mac, to exit full-screen mode and regain control.
Short links and QR codes should always be treated with vigilance as they may lead to unpredicted downloads or websites, not only claiming to be an 'April Fools' joke. QR code phishing, known as Quishing, has been a growing concern in recent years. Since there are threat actors looking to benefit from people's trust in a service, it's worth checking such links by copying and pasting them into a tool like GetLinkInfo or UnshortenIt. Cybersecurity solutions help with a built-in QR scanner that lets users check the link and warns users about landing on a dangerous website. Additionally, hovering over a short link (without clicking) can sometimes reveal the true destination URL in the browser's status bar, offering a quick safety check.
'A friendly joke won't lead to the loss of money or data, like cyber attacks do, but might still be not very pleasant. Following simple rules when working with a computer, tablet or phone will help to avoid unpleasant consequences. Be vigilant, have strong passwords in place and keep your devices locked', notes Brandon Muller, technology expert and consultant at Kaspersky.
Kaspersky shares the following advice to help you avoid getting tricked into jokes or scams:
Lock your computers and other devices when leaving them unattended, as this can prevent not only jokes, but also surprises from children, pets or passersby. Key combinations to instantly lock the computer are Win+L on Windows, and Cmd+Ctrl+Q on MacOS.
when leaving them unattended, as this can prevent not only jokes, but also surprises from children, pets or passersby. Key combinations to instantly lock the computer are Win+L on Windows, and Cmd+Ctrl+Q on MacOS. Use strong passwords and do not write them down near your computer. Using a different password for each device and service is recommended. Password manager solutions can be useful.
and do not write them down near your computer. Using a different password for each device and service is recommended. Password manager solutions can be useful. Educate yourself on how to recognise phishing emails, by looking for such signs as the sender's address, executable files, or files with macros in attachments. These messages also often create a sense of unclarity, urgency or unexpected calls to action. Only open attachments and click links if you are confident in the sender's legitimacy. If the sender seems legitimate, but the content of the message looks strange, it is worth contacting the sender via an alternative means of communication. Specialised courses, such as Kaspersky Automated Security Awareness Platform, can help organisations educate their employees, including through phishing simulators.
by looking for such signs as the sender's address, executable files, or files with macros in attachments. These messages also often create a sense of unclarity, urgency or unexpected calls to action. Only open attachments and click links if you are confident in the sender's legitimacy. If the sender seems legitimate, but the content of the message looks strange, it is worth contacting the sender via an alternative means of communication. Specialised courses, such as Kaspersky Automated Security Awareness Platform, can help organisations educate their employees, including through phishing simulators. Use a protection solution, such as Kaspersky Next for businesses or Kaspersky Premium, for individual users, that warns about potential dangers.
Due to AI developments , both friendly tricks and cyber attacks can come in the form of fake images or videos. Be attentive to details (such as seven fingers, a third hand or misspelled words) and think critically into call to actions. For added caution, verify questionable media by cross-checking with trusted sources or using reverse image search tools like Google Images.
*The survey was conducted by Toluna research agency at the request of Kaspersky in 2025. The study sample included 2800 online interviews with employees and business owners using computers for work in 7 countries: Türkiye, South Africa, Kenya, Pakistan, Egypt, Saudi Arabia, and the UAE.
Image Credit: Stock Image
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Khaleej Times
3 days ago
- Khaleej Times
Artificial Intelligence in cybersecurity: savior or saboteur?
Artificial intelligence has rapidly emerged as both a cornerstone of innovation and a ticking time bomb in the realm of cybersecurity. Once viewed predominantly as a force for good, enabling smarter threat detection, automating incident responses, and predicting attacks before they happen — AI has now taken on a double-edged role. The very capabilities that make it invaluable to cybersecurity professionals are now being exploited by cybercriminals to launch faster, more convincing, and more damaging attacks. From phishing emails indistinguishable from real business correspondence to deepfake videos that impersonate CEOs and public figures with chilling accuracy, AI is arming attackers with tools that were previously the stuff of science fiction. And as large language models (LLMs), generative AI, and deep learning evolve, the tactics used by bad actors are becoming more scalable, precise, and difficult to detect. 'The threat landscape is fundamentally shifting,' says Sergey Lozhkin, Head of the Global Research & Analysis Team for the Middle East, Türkiye, and Africa at Kaspersky. 'From the outset, cybercriminals began using large language models to craft highly convincing phishing emails. Poor grammar and awkward phrasing — once dead giveaways are disappearing. Today's scams can perfectly mimic tone, structure, and professional language.' But the misuse doesn't stop at email. Attackers are now using AI to create fake websites, generate deceptive images, and even produce deepfake audio and video to impersonate trusted figures. In some cases, these tactics have tricked victims into transferring large sums of money or divulging sensitive data. According to Roland Daccache, Senior Manager – Sales Engineering at CrowdStrike MEA, AI is now being used across the entire attack chain. 'Generative models are fueling more convincing phishing lures, deepfake-based social engineering, and faster malware creation. For example, DPRK-nexus adversary Famous Chollima used genAI to create fake LinkedIn profiles and résumé content to infiltrate organisations as IT workers. In another case, attackers used AI-generated voice and video deepfakes to impersonate executives for high-value business email compromise (BEC) schemes.' The cybercrime community is also openly discussing how to weaponize LLMs for writing exploits, shell commands, and malware scripts on dark web forums, further lowering the barrier of entry for would-be hackers. This democratisation of hacking tools means that even novice cybercriminals can now orchestrate sophisticated attacks with minimal effort. Ronghui Gu, Co-Founder of CertiK, a leading blockchain cybersecurity firm, highlights how AI is empowering attackers to scale and personalize their strategies. 'AI-generated phishing that mirrors human tone, deepfake technology for social engineering, and adaptive tools that bypass detection are allowing even low-skill threat actors to act with precision. For advanced groups, AI brings greater automation and effectiveness.' On the technical front, Janne Hirvimies, Chief Technology Officer of QuantumGate, notes a growing use of AI in reconnaissance and brute-force tactics. 'Threat actors use AI to automate phishing, conduct rapid data scraping, and craft malware that adapts in real time. Techniques like reinforcement learning are being explored for lateral movement and exploit optimisation, making attacks faster and more adaptive.' Fortifying Cyber Defenses To outsmart AI-enabled attackers, enterprises must embed AI not just as a support mechanism, but as a central system in their cybersecurity strategy. 'AI has been a core part of our operations for over two decades,' says Lozhkin. 'Without it, security operations center (SOC) analysts can be overwhelmed by alert fatigue and miss critical threats.' Kaspersky's approach focuses on AI-powered alert triage and prioritisation through advanced machine learning, which filters noise and surfaces the most pressing threats. 'It's not just about automation — it's about augmentation,' Lozhkin explains. 'Our AI Technology Research Centre ensures we pair this power with human oversight. That combination of cutting-edge analytics and skilled professionals enables us to detect over 450,000 malicious objects every day.' But the AI evolution doesn't stop at smarter alerts. According to Daccache, the next frontier is agentic AI — a system that can autonomously detect, analyze, and respond to threats in real time. 'Traditional automation tools can only go so far,' Daccache says. 'What's needed is AI that thinks and acts — what we call agentic capabilities. This transforms AI from a passive observer into a frontline responder.' CrowdStrike's Charlotte AI, integrated within its Falcon platform, embodies this vision. It understands security telemetry in context, prioritises critical incidents, and initiates immediate countermeasures, reducing analyst workload and eliminating delays during high-stakes incidents. 'That's what gives defenders the speed and consistency needed to combat fast-moving, AI-enabled threats,' Daccache adds. Gu believes AI's strength lies in its ability to analyze massive volumes of data and identify nuanced threat patterns that traditional tools overlook. 'AI-powered threat detection doesn't replace human decision-making — it amplifies it,' Gu explains. 'With intelligent triage and dynamic anomaly detection, AI reduces response time and makes threat detection more proactive.' He also stresses the importance of training AI models on real-world, diverse datasets to ensure adaptability. 'The threat landscape is not static. Your AI defenses shouldn't be either,' Gu adds. At the core of any robust AI integration strategy lies data — lots of it. Hirvimies advocates for deploying machine learning models across SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) platforms. 'These systems can correlate real-time threat intelligence, behavioral anomalies, and system events to deliver faster, more precise responses,' he says. 'Especially when it comes to detecting novel or stealthy attack patterns, machine learning makes the difference between catching a threat and becoming a headline.' Balancing Innovation with Integrity While AI can supercharge threat detection, response times, and threat simulations, it also brings with it the potential for misuse, collateral damage, and the erosion of privacy. 'Ethical AI use demands transparency, clear boundaries, and responsible data handling,' says Lozhkin.'Organisations must also ensure that employees are properly trained in the safe use of AI tools to avoid misuse or unintended exposure to threats.' He highlights Kaspersky's Automated Security Awareness Platform, which now includes dedicated sections on AI-assisted threats and responsible usage, reflecting the company's commitment to proactive education. When AI is deployed in red teaming or simulated cyberattacks, the risk matrix expands. Gu warns that AI systems, if left unchecked, can make decisions devoid of human context, potentially leading to unintended and widespread consequences. 'Ethical AI governance, robust testing environments, and clearly defined boundaries are essential,' he says, underlining the delicate balance required to simulate threats without crossing into unethical territory. Daccache emphasises the importance of a privacy-first, security-first approach. 'AI must be developed and operated with Privacy-by-Design and Secure-by-Design principles,' he explains. 'This extends to protecting the AI systems themselves — including their training data, operational logic, and outputs—from adversarial manipulation.' Daccache also points to the need for securing both AI-generated queries and outputs, especially in sensitive operations like red teaming. Without such safeguards, there's a real danger of data leakage or misuse. 'Transparency, accountability, and documentation of AI's capabilities and limitations are vital, not just to build trust, but to meet regulatory and ethical standards,' he adds. Despite AI's growing autonomy, human oversight remains non-negotiable. 'While AI can accelerate simulations and threat detection, it must be guided by skilled professionals who can interpret its actions with context and responsibility,' says Daccache. This human-AI collaboration ensures that the tools remain aligned with organisational values and ethical norms. Hirvimies rounds out the conversation with additional cautionary notes: 'Privacy violations, data misuse, bias in training datasets, and the misuse of offensive tools are pressing concerns. Transparent governance and strict ethical guidelines aren't optional, they're essential.' Balancing the Equation While AI promises speed, scale, and smarter defense mechanisms, experts caution that an over-reliance on these systems, especially when deployed without proper calibration and oversight — could expose organisations to new forms of risk. 'Absolutely, over-reliance on AI can backfire if systems are not properly calibrated or monitored,' says Lozhkin. 'Adversarial attacks where threat actors feed manipulated data to mislead AI are a growing concern. Additionally, AI can generate false positives, which can overwhelm security teams and lead to alert fatigue. To avoid this, companies should use a layered defence strategy, retrain models frequently, and maintain human oversight to validate AI-driven alerts and decisions.' This warning resonates across the cybersecurity landscape. Daccache echoes the concern, emphasising the need for transparency and control. 'Over-relying on AI, especially when treated as a black box, carries real risks. Adversaries are already targeting AI systems — from poisoning training data to crafting inputs that exploit model blind spots,' he explains. 'Without the right guardrails, AI can produce false positives or inconsistent decisions that erode trust and delay response.' Daccache stresses that AI must remain a tool that complements — not replaces—human decision-making. 'AI should be an extension of human judgement. That requires transparency, control, and context at every layer of deployment. High-quality data is essential, but so is ensuring outcomes are explainable, repeatable and operationally sound,' he says. 'Organisations should adopt AI systems that accelerate outcomes and are verifiable, auditable and secure by design.' Gu adds that blind spots in AI models can lead to serious lapses. 'AI systems are not infallible,' he says. 'Over-reliance can lead to susceptibility to adversarial inputs or overwhelming volumes of false positives that strain human analysts. To mitigate this, organizations should adopt a human-in-the-loop approach, combine AI insights with contextual human judgment, and routinely stress-test models against adversarial tactics.' Gu also warns about the evolving tactics of bad actors. 'An AI provider might block certain prompts to prevent misuse, but attackers are constantly finding clever ways to circumvent these restrictions. This makes human intervention all the more important in companies' mitigation strategies.' Governing the Double-Edged Sword As AI continues to embed itself deeper into global digital infrastructure, the question of governance looms large: will we soon see regulations or international frameworks guiding how AI is used in both cyber defense and offense? Lozhkin underscores the urgency of proactive regulation. 'Yes, there should definitely be an international framework. AI technologies offer incredible efficiency and progress, but like any innovation, they carry their fair share of risks,' he says. 'At Kaspersky, we believe new technologies should be embraced, not feared. The key is to fully understand their threats and build strong, proactive security solutions that address those risks while enabling safe and responsible innovation.' For Daccache, the focus is not just on speculative regulation, but on instilling foundational principles in AI systems from the start. 'As AI becomes more embedded in cybersecurity and digital infrastructure, questions around governance, risk, and accountability are drawing increased attention,' he explains. 'Frameworks like the GDPR already mandate technology-neutral protections, meaning what matters most is how organizations manage risk not whether AI is used.' Daccache emphasises that embedding Privacy-by-Design and Secure-by-Design into AI development is paramount. 'To support this approach, CrowdStrike offers AI Red Teaming Services, helping organisations proactively test and secure their AI systems against misuse and adversarial threats. It's one example of how we're enabling customers to adopt AI with confidence and a security-first mindset.' On the other hand, Gu highlights how AI is not only transforming defensive mechanisms but is also fuelling new forms of offensive capabilities. 'As AI becomes integral to both defence and offense in cyberspace, regulatory frameworks will be necessary to establish norms, ensure transparency, and prevent misuse. We expect to see both national guidelines and international cooperation similar to existing cybercrime treaties emerge to govern AI applications, particularly in areas involving privacy, surveillance, and offensive capabilities.' Echoing this sentiment, Hirvimies concludes by saying that developments are already underway. 'Yes. Regulations like the EU AI Act and global cyber norms are evolving to address dual-use AI,' he says. 'We can expect more international frameworks focused on responsible AI use in cyber defence, limits on offensive AI capabilities, and cross-border incident response cooperation. At QuantumGate, we've designed our products to support this shift and facilitate compliance with the country's cryptography regulations.'
Gulf Business
6 days ago
- Gulf Business
AI-driven ransomware tops 2025 cyber threats in META, says Kaspersky
Image: Getty Images Cyber security firm The report shows that Türkiye and Kenya recorded the highest share of users impacted by web-based threats (26.1 per cent and 20.1 per cent respectively), while the UAE, Saudi Arabia, Egypt, and Jordan reported the lowest levels of web-borne attacks in the region. Key threat: Ransomware Ransomware remains one of the most dangerous threats facing businesses in 2025, particularly in digitally advanced markets in the Middle East. The region has seen an increase in ransomware victims due to 'rapid digital transformation, expanding attack surfaces and varying levels of cybersecurity maturity.' Kaspersky highlights the rise of FunkSec, a new ransomware group that 'quickly gained notoriety by surpassing established groups like Cl0p and RansomHub.' FunkSec operates using a ransomware-as-a-service (RaaS) model and adopts 'double extortion tactics combining data encryption with exfiltration,' while relying heavily on 'AI-generated code, complete with flawless comments, likely produced by large language models (LLMs) to enhance development and evade detection.' Unlike most ransomware groups, FunkSec uses a high-volume, low-ransom strategy, making its attacks more accessible and scalable. Emerging trends Kaspersky warns that ransomware actors are becoming more creative and stealthy. 'Ransomware is expected to evolve by exploiting unconventional vulnerabilities,' the report notes, citing the Akira gang, which used a webcam to bypass endpoint detection systems and infiltrate networks. Attackers are now targeting 'overlooked entry points like IoT devices, smart appliances or misconfigured hardware in the workplace,' taking advantage of the broader attack surface created by increasingly interconnected environments. The rise of generative AI and development tools such as RPA and LowCode is also enabling less-skilled threat actors. 'LLMs marketed on the dark web lower the technical barrier to creating malicious code, phishing campaigns and social engineering attacks,' Kaspersky noted. These tools also allow attackers to 'automate ransomware deployment,' making threats both scalable and harder to trace. Kaspersky is monitoring 25 active advanced persistent threat (APT) groups in the META region, including SideWinder, Origami Elephant, and MuddyWater. These groups are showing 'a growing use of creative exploits targeting mobile devices, along with ongoing advancements in techniques designed to evade detection.' Recommendations for organisations In a statement, Sergey Lozhkin , head of META and APAC regions in Kaspersky's global research and analysis team, warned: 'Ransomware is one of the most pressing cybersecurity threats facing organizations today, with attackers targeting businesses of all sizes and across every region, including META.' He added that criminals are 'exploiting overlooked entry points — including IoT devices, smart appliances, and misconfigured or outdated workplace hardware,' and that these 'often go unmonitored, making them prime targets for cybercriminals.' To counter these risks, Kaspersky advises companies to: Always keep software updated on all the devices you use. Focus your defense strategy on detecting lateral movements and data exfiltration. Set up offline backups that intruders cannot tamper with. Provide your SOC team with access to the latest threat intelligence and regularly upskill them. Use Kaspersky Next, a security platform that offers 'real-time protection, threat Read:
Channel Post MEA
6 days ago
- Channel Post MEA
Kaspersky Discovers Malware Targeting Fintech Platforms
At its annual Cyber Security Weekend for the Middle East, Turkiye and Africa (META) region, Kaspersky revealed the discovery of GriffithRAT – a new and highly sophisticated malware used in campaigns targeting fintech companies, online trading platforms, and Forex exchange services worldwide, with victims in the UAE, Egypt, Turkiye, and South Africa. Distributed via Skype and Telegram channels, GriffithRAT is typically disguised as files containing financial trend analysis or investment advice. These deceptive tactics target both organizations and individual traders who unknowingly download the malware. Once downloaded, it enables attackers to steal login credentials, capture screenshots/webcam stream, log keystrokes, and monitor user activity. The stolen data can be exploited in a variety of ways, ranging from gathering competitive business intelligence to tracking individuals or valuable assets – highlighting the broad potential for misuse. Kaspersky researchers have been monitoring GriffithRAT for over a year and link it to cyber mercenary operations, where threat actors are contracted by third parties to conduct targeted attacks – often driven by motives such as corporate espionage. This connection is reinforced by technical analysis, which shows strong similarities between GriffithRAT and DarkMe intrusions, a known remote access Trojan (RAT) commonly used in mercenary-led cyber campaigns. 'This discovery highlights the growing sophistication and commercialization of cyberthreats,' said Maher Yamout, Lead Security Researcher at Kaspersky. 'GriffithRAT is not the work of random hackers, it is a maintained piece of malware and part of a broader trend where cyber mercenaries are hired to collect sensitive information, often for financial or strategic advantage. The data harvested could offer visibility into the inner workings of major organizations, provide unethical competitive advantage, and may also be sold on the dark web. It is a reminder that in today's threat landscape, cybercrime is increasingly professional, targeted, and persistent.' To stay protected, Kaspersky advises individuals to: Be attentive to the files you download, check them with reputable cybersecurity software, such as Kaspersky Premium for individual users and Kaspersky Next for businesses, that helps detect complex threats, respond automatically, and manage security across all devices, networks, and cloud systems from one place. Be extra cautious when dealing with social media and instant messaging apps; hackers use such mediums to deliver malware in addition to the common phishing emails. Use Kaspersky Threat Intelligence to go beyond the malware and understand the threat actors behind it. By combining diverse data sources and expert research, the portal offers actionable insights – giving access to tactical, operational, and strategic intelligence to stay secure in a dynamic threat landscape. Improve your and your employees' security awareness on a regular basis and encourage safe practices, such as proper account protection. 0 0
