SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Data Protection
#
Advanced Persistent Threat Protection
#
Physical Security

Financial phishing attacks surge in Southeast Asia businesses

Yesterday
Author image
By Catherine Knowles, Journalist

Recent data from Kaspersky indicates a significant number of financial phishing attacks have been directed at businesses in Southeast Asia, with Singapore experiencing over 38,000 attempts.

The cybersecurity firm's business security solutions blocked more than half a million financial phishing attempts on business devices last year across the region. These attacks involve creating fake websites that mimic trusted payment platforms, targeting banking, payment systems, and online retailers.

Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky, highlighted the extent of the issue. "The sheer volume of financial phishing attempts we've detected in business devices in Southeast Asia is alarming. The region has become a hotspot for cybercriminals due to its booming digital economy, which is projected to reach $1 trillion by 2030. It is clear that cybercriminals are exploiting the region's rapid digital adoption, and businesses must remain vigilant," he said.

Throughout the previous year, Kaspersky intercepted 534,759 financial phishing attacks aimed at businesses, ranging from small enterprises to large corporations. These phishing links were encountered across a variety of platforms, including emails, counterfeit websites, messaging apps, and social networks.

Thailand recorded the highest number, with 247,560 phishing attempts, followed by Indonesia with 85,908, and Malaysia with 64,779. Vietnam faced 59,560 attacks, while both Singapore and the Philippines reported just over 38,000 attempts each.

Yeo further elaborated on the issue stating, "The rise of AI gave way to more convincing fake websites that falling prey is easier than spotting and avoiding them. At the same time, the region's diverse regulatory landscape and varying levels of cybersecurity maturity among businesses make it an attractive target for financially motivated attacks. Now more than ever, it's critical for businesses here to have the right tools and the access to real-time threat intelligence that they need to stay ahead of these threats."

Kaspersky offered several recommendations to prevent phishing-based scams. For individuals, it advises ensuring the trustworthiness of email senders before opening emails or clicking on links, verifying suspicious URLs for common phishing errors, and using proven security solutions for web browsing.

For businesses, Kaspersky suggests running regular security awareness training for employees to help them resist social engineering and spot cybercriminal tricks. This includes recognising scams like those involving Booking.com impersonations through careful scrutiny of sender details and domain names.

Further measures recommended for businesses include implementing email gateway level protections to filter out phishing emails and links, and installing robust security solutions with anti-phishing technologies on all work-related devices.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
CrowdStrike announces 2025 APJ partner award winners
Exabeam wins triple accolade at 2025 cybersecurity awards
Rapid7 launches PACT Partner Program in APJ region
NormCyber triumphs at teiss Awards with top security title
Outpost24 enhances threat insight with dark web module
Top stories
Cyber firm Immersive appoints new Chief Executive Officer
Rise in cyberattacks using legitimate RMM tools noted
CYFOX unveils OmniSec GenAI to ease security workloads
Endowus teams with Twilio to enhance platform security
Fortinet enhances OT Security Platform with new updates