Surge in financial phishing attacks in Southeast Asia
Kaspersky has reported detecting over 330,000 financial phishing attacks targeting organisations and businesses in Southeast Asia during the first half of 2024.
The cybersecurity firm found that many of these attacks mimicked e-commerce, banking, and payment brands with the intention of stealing credentials and sensitive data. Thailand recorded the highest number of such phishing attacks at 141,258, followed by Indonesia with 48,439, Vietnam with 40,102, and Malaysia with 38,056.
Kaspersky said there was a 41 percent increase in these types of attacks compared to the same period last year. According to the company, this rise is driven by increased digital adoption and the use of artificial intelligence and automation by cybercriminals to enhance the effectiveness of their attacks.
Adrian Hia, Managing Director for Asia Pacific at Kaspersky, explained, "The pool of potential victims has grown larger over the past few years given the increased usage of online banking and digital financial services. Kaspersky experts attribute this sharp rise to an increase in fraudulent activity rather than a decline in user vigilance: cybercriminals are becoming more aggressive in their pursuit of users' data and money, including for those from corporate devices."
Financial phishing involves presenting fraudulent resources related to banking, payment systems, and digital shops to manipulate victims into disclosing personal and corporate information such as financial account credentials. Such schemes often employ social engineering tactics and can disguise themselves as financial institutions or even charitable organisations.
Thailand and Singapore experienced the largest year-on-year increases in financial phishing attacks at 582 percent and 406 percent respectively. Singapore accounted for 28,591 attacks, while the Philippines saw 26,080.
Adrian Hia also stated, "Financial phishing will continue to evolve in this region and sectors like banking, insurance and ecommerce will remain prime targets. Apart from traditional phishing emails, cybercriminals will also continue to exploit social media and messaging platforms to spread fraudulent links, fake pages and apps. With deepfakes growing prevalent, we will also see an increase in fake videos and voice messages that are highly sophisticated and harder to detect. It is imperative now more than ever for companies to step up their security measures, by implementing robust security solutions, adopting best practices and training their workforce to raise awareness of cyber threats and how to protect themselves and their organisations."
Kaspersky offered several recommendations for companies to safeguard against such threats, including keeping software updated, installing patches for VPN solutions, backing up data regularly, and avoiding software from unverified sources. Additionally, adopting strong passwords, two-factor authentication, and monitoring network activity are suggested to minimise risks.
The cybersecurity firm also recommended setting up a Security Operations Centre using a Security Information and Event Management tool like Kaspersky Unified Monitoring and Analysis Platform to monitor and analyse information security incidents. Other suggestions included the use of the latest Threat Intelligence information, enrolling in Kaspersky Professional Services, and subscribing to managed detection and response services if internal expertise is lacking.
For smaller businesses, Kaspersky suggested solutions like Kaspersky Small Office Security, which offers protection without the need for a dedicated IT administrator.
The press release emphasised the importance of educating employees about cybersecurity threats and suggested tools such as the Kaspersky Automated Security Awareness Platform and Kaspersky Expert training. For C-level executives, Kaspersky Interactive Prevention Simulation was noted.