In 2023, Kaspersky anti-phishing technologies detected nearly 500,000 attempts to follow a phishing link on businesses’ devices in Southeast Asia (SEA).
The Philippines logged the highest number of financial phishing at 163,279 attempts in 2023, followed by Malaysia with 124,105.
Indonesia chalked up 97,465 incidents while Vietnam experienced 36,130 phishing attacks related to financial matters. Thailand and Singapore registered the least number of this threat at 25,227 and 9,502 respectively.
From January to December last year, Kaspersky solutions detected and blocked a total of 455,708 financial phishing attempts targeting companies of various sizes in the region.
The statistics reflect clicks on phishing links placed in various communication channels, including emails, fraudulent websites, messengers, social media, etc.
Interestingly, this number only refers to phishing links related to finance matters – e-commerce, banking, and payment systems.
“Phishing is a trusted technique for cybercriminals when it comes to infiltrating business networks because they usually work. The rise of generative AI helps cybercriminals to make phishing messages or scam resources more convincing. As a result, it becomes challenging for people to distinguish between a scam and a legitimate communication. That’s why the role of robust security solutions increases,” commented Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky.
“Financial phishing” is a type of phishing that refers to fraudulent resources related to banking, payment systems and digital shops. Payment system phishing includes pages impersonating well-known payment brands.
Phishing persuades users to take action which gives a scammer access to devices, accounts, or personal information.
By pretending to be a person or organization the users trust, they can more easily infect the victim with malware or steal their information.
These social engineering schemes “bait” with trust to get valuable information. This could be anything from a social media login, to your entire identity via your social security number.
These schemes may urge the user to open an attachment, follow a link, fill out a form, or reply with personal information.
“Cybercriminals employ various tactics, including financial-related phishing, to deceive employees and trick them into falling victim to an attack. Our recent study showed employee security violations can be as damaging as external hacking for companies in Asia Pacific which means the human factor continues to play a role in making businesses vulnerable,” Yeo said.
“Tools to help safeguard against human error are a vital step forward, but they can’t exclude employee education, skills development, and overall strengthening of the company’s ability to detect and respond to cyberattacks.”
