Communications Authority of Kenya (CA) on Wednesday, February 8, warned Kenyans against clicking on some advertisements on their mobile devices stating that it exposed them to malicious activities.
According to the authority, hackers used the bait-and-switch attack to compromise devices and remotely access their victim's personal information.
In the communication, CA stated that the attackers posed as genuine advertisers on legitimate websites and networks in luring unsuspecting internet users into clicking on the ads.
Further explaining how bait and switch attack was used, the authority stated that the attackers purchase advertising space on popular websites and networks.
They then submit a non-malicious advertisement to the space and when approved, they switch the original content with harmful ones.
“Cyber threat actors purchase advertising space of legitimate websites and then later upload adverts embedded with malicious links.
“The attackers launch compromised advertisements on the different websites or networks to infect unsuspecting users,” CA stated.
However, the Communications Authority of Kenya noted different ways Kenyans could use to protect themselves against bait and switch attacks including only visiting secured websites and networks.
The authority which is mandated to, among other things, license all systems and services in the communications industry, also warned users against clicking on online links advising them to avoid unverified advertisements or links.
Additionally, it urged internet users to use a thorough security solution that would redirect or block malicious websites.
“Implement comprehensive security solutions to detect, block, and purge phishing content on websites and networks,” stated the authority.
Because of the increasing cases of cybercriminals targeting individuals via their phones, the authority further cautioned mobile users reiterating the importance of closely monitoring online activities.
