Cybercrooks clog business networks with financial phishing
IN 2023, Kaspersky antiphishing technologies detected nearly 500,000 attempts to follow a phishing link on business devices in Southeast Asia.
Interestingly, the company said this number only refers to phishing links related to finance matters — e-commerce, banking and payment systems.
Phishing persuades users to take action which gives scammers access to their device, accounts, or personal information.
According to Kaspersky, by pretending to be a person or organisation the users trust, they can more easily infect the victim with malware or steal their information.
These social engineering schemes use trust as “bait” to get valuable information, from social media logins to entire identities via social security numbers.
They may urge the user to open an attachment, follow a link, fill out a form, or reply with personal information.
Financial phishing is a type of phishing which employs fraudulent resources related to banking, payment systems and digital shops.
Payment system phishing includes pages impersonating wellknown payment brands.
FINANCIAL PHISHING ATTEMPTS
From January to December last year, Kaspersky said it detected and blocked 455,708 financial phishing attempts targeting companies in the region.
The statistics reflect clicks on phishing links placed in various communication channels, including emails, fraudulent websites, messaging platforms and social media.
“Phishing is a trusted technique for cybercriminals when it comes to infiltrating business networks, because they usually work.
“The rise of generative artificial intelligence helps cybercriminals make phishing messages or scam resources more convincing.
“As a result, it becomes challenging for people to distinguish between a scam and a legitimate communication. That’s why the role of robust security solutions increases,” said Kaspersky Southeast Asia general manager Yeo Siang Tiong.
RECORDED ATTACKS
The Philippines logged the highest occurence of financial phishing at 163,279 attempts last year, followed by Malaysia with 124,105.
Indonesia chalked up 97,465 incidents while Vietnam experienced 36,130 phishing attacks related to financial matters.
Thailand and Singapore registered the least number of this threat at 25,227 and 9,502 respectively.
“Cybercriminals employ various tactics, including financial-related phishing, to deceive employees and trick them into falling victim to an attack,” said Yeo.
“Our recent study showed employee security violations can be as damaging as external hacking for companies in Asia-Pacific, which means the human factor continues to play a role in making businesses vulnerable.
“Tools to help safeguard against human error are a vital step forward, but they can’t exclude employee education, skills development, and overall strengthening of the company’s ability to detect and respond to cyberattacks.”