Kaspersky detected 336,294 financial phishing attacks against organizations and businesses in Southeast Asia from January to June 2024. The attacks fake e-commerce, banking, and payment brands aimed to steal credentials and other sensitive data.
Financial phishing refers to fraudulent resources related to banking, payment systems, and digital shops. It aims to trick victims into divulging their personal or corporate information by manipulating them using advanced social engineering schemes.
The number of attacks increased by 41% compared to the same period last year, driven by greater digital adoption and threat actors’ use of AI and automation to create convincing content and more effectively target victims.
Thailand recorded the most financial phishing attacks at 141,258, followed by Indonesia with 48,439, Vietnam with 40,102, and Malaysia with 38,056. Singapore and the Philippines had the fewest attacks at 28,591 and 26,080, respectively. Thailand and Singapore also saw the highest increases at 582% and 406% compared to last year.
“The pool of potential victims has grown larger over the past few years given the increased usage of online banking and digital financials services. Kaspersky experts attribute this sharp rise to an increase in fraudulent activity rather than a decline in user vigilance: cybercriminals are becoming more aggressive in their pursuit of users’ data and money, including for those from corporate devices,” says Adrian Hia, Managing Director for Asia Pacific at Kaspersky.
To help companies protect their systems against the wide range of cyberthreats, including but not limited to phishing, Kaspersky experts recommend:
A. Process and Best Practices
- Always keep software updated on all the devices to prevent attackers from exploiting vulnerabilities and infiltrating the organization’s network.
- Promptly install available patches for commercial VPN solutions providing access for remote employees and acting as gateways in your network.
- Back up data regularly and ensure they can be accessed quickly when needed or in an emergency.
- Avoid downloading and installing pirated software or software from unknown/unverified sources.
- Do not expose remote desktop/management services (such as RDP, MSSQL, etc.) to public networks unless absolutely necessary, and always use strong passwords, two-factor authentication, and firewall rules for them.
- Monitor access and activity by having visibility over the network to spot any unusual activity, and controlling user access to an as-needed, and as-required basis to minimize risks of unauthorized access and data leak.
- Draft a security emergency playbook and ensure it is current. Kaspersky can conduct tabletop exercises to help run through the emergency drill.
- Assess and audit your supply chain and managed services access to your environment. Kaspersky offers compromise assessment services if you suspect that you may be compromised.
B. Set up a Security Operations Centre
- Set up a security operation center (SOC) using a SIEM (security information and event management) tool like Kaspersky Unified Monitoring and Analysis Platform, a unified console for monitoring and analyzing information security incidents, and solutions, such as Kaspersky Next XDR Expert, a robust cybersecurity solution that defends against sophisticated cyberthreats.
- Use the latest Threat Intelligence information to have in-depth visibility into cyberthreats targeting your organization and provide your InfoSec professionals with the most comprehensive and up-to-date information regarding potential malicious actors and their TTPs.
- Employ Kaspersky Professional Services to optimize the workload of your heavily challenged IT department. Kaspersky experts assess the state of your current IT security, then deploy and configure Kaspersky software quickly and properly to ensure hassle-free ongoing performance.
- If your company does not have a dedicated IT security function and only has generalist IT admins who may lack the specialist skills required for expert-level detection and response solutions, consider subscribing to a managed service such as Kaspersky MDR. This would instantly boost your security capabilities by an order of magnitude while allowing you to focus on building in-house expertise.
- For the protection of very small businesses, use solutions intended to help you manage your cybersecurity even without having an IT administrator on board. Kaspersky Small Office Security provides you with hands-off security due to ‘install and forget’ protection and saves the budget which is crucial, particularly in the early stages of business development.
- Kaspersky offers SOC maturity assessment to help organizations identify gaps in security operations and opportunities for improvement.
C. People
- Educate employees and improve their cybersecurity literacy through tools such as Kaspersky Automated Security Awareness Platform – Employees should be aware of the risks of cybersecurity threats and how to protect themselves and the organization from them.
- Train and upskill your cybersecurity team/professionals with Kaspersky Expert training to advance their skills and defend the organization against attacks.
- Educate your C-level executives with interactive cyber games like Kaspersky Interactive Prevention Simulation.
Leave a comment