SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Kaspersky detects 500k phishing attempts on SEA businesses
Fri, 29th Mar 2024

Next-generation security solutions firm, Kaspersky, detected nearly 500,000 financial phishing attempts on businesses across Southeast Asia (SEA) in 2023.

Philippines, with 163,279 attempts, topped the list, while Malaysia and Indonesia followed with 124,105 and 97,465 phishing attempts respectively. Lesser incidents were reported in Vietnam at 36,130, and remarkably few attempts were detected in Thailand and Singapore at 25,227 and 9,502 respectively.

According to Kaspersky, phishing continues to be a favoured deception method employed by hackers for infiltrating business networks. The surge in generative AI technology is equipping cybercriminals with an ability to create compelling phishing messages, thereby heightening the potency of such scams, the security solutions firm says.

In an elaborate illustration of the threat landscape, Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky, says, "Phishing is a trusted technique for cybercriminals when it comes to infiltrating business networks because they usually work."

"The evolving technology, especially generative AI, aids the creation of deceptive resources, often blurring the distinguishing line between scam and legitimate communication," Yeo said.

Kaspersky said the financial sector has been the primary target with cybercriminals masquerading as reputable banking, payment systems, and digital shops.

Kaspersky's solutions detected and blocked a total of 455,708 financial phishing attempts on businesses of various sizes noted in the Asia Pacific region over the course of 2023. These phishing attacks were paced via myriad communication channels, including emails, fraudulent websites, messengers, social media, etc.

Given the profound impact of employee violations on a company's cybersecurity, Yeo adds, "Our recent study showed employee security violations can be as damaging as external hacking for companies in the Asia Pacific region, which means the human factor continues to play a key role in making businesses vulnerable."

Consequently, strategies to overcome human error should encompass staff education, skills development, and an overall strengthening of the company's ability to deftly detect and respond to cyberattacks, according to Kaspersky.

To counter the damaging outcomes of successful phishing attacks, Kaspersky experts suggest implementing enterprise security solutions with anti-phishing software, like the Advanced Anomaly Control feature present in Kaspersky's Endpoint Security for Business Advanced and Kaspersky Total Security for Business.

Additionally, enhanced decision making to stay ahead of threats and a more focused allocation of budgets towards cybersecurity are also recommended. For such purposes, Kaspersky offers services such as the Interactive Protection Simulation aimed at improving C-level professional education and Kaspersky Assessments that identifies security loopholes within system configurations.