Southeast Asia (SEA) continues to see an increase in phishing incidents. According to latest data from Kaspersky, a global cybersecurity company, cybercriminals were able to outperform phishing attacks against his users locally in just six months in the past year.
From January to June 2022, Kaspersky's anti-phishing system blocked a total of 12,127,692 malicious links in SEA. This is one million more than the total number of phishing attacks detected here in 2021 of 11,260,643.
Phishing, a type of social engineering attack, is one of the primary methods attackers use to compromise both individual and organizational targets. This is done on a large scale when cybercriminals impersonate legitimate companies or individuals and send mass emails to promote fake pages or infect users with malicious attachments.
The ultimate goal of a phishing attack is to steal credentials, especially financial and credentials, to steal money or, worse, put an entire organization at risk.
More than half of the phishing detections in the first half of 2022 targeted Kaspersky users in Malaysia, the Philippines and Vietnam.
Four of SEA's six countries - Malaysia, Philippines, Thailand and Vietnam - recorded more phishing emails in the first six months of this year than the total number of incidents in 2021.
“The first half of 2022 is eventful in good and bad ways. On a personal level, we went through the seismic shift of trying to regain our lives post-pandemic, forcing companies and organizations to welcome remote and hybrid work. The travel sector, including airlines, airports, travel agencies, and more, has also been overwhelmed by the influx of tourists wanting to travel with borders now open. Behind these shifts are networks and systems that needed to be updated and secured hastily. On the other hand, cybercriminals are all ears and with their ability to tweak their messages and infuse them with believable urgency. As a result, we’ve seen real, unfortunate incidents of victims losing money because of phishing attacks,” -Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky
Related Stories
Apart from losing the individual's money, Kaspersky's elite researcher recently sounded the alarm that most Asia-Pacific Advanced Persistent Threat (APT) groups, including SEA, are using targeted phishing to penetrate a highly protected network.
As its name "advanced" suggests, an APT uses continuous, stealthy, and sophisticated hacking techniques to enter a system and remain there for an extended period of time, with potentially destructive consequences.
Due to the effort required to carry out such an attack, APTs typically target high-value targets such as nation states and large corporations, with the ultimate goal of stealing information over an extended period of time, rather than to simply "dive in" and get out quickly, as many black hat hackers do in low-level cyberattacks.
Noushin Shabab, Senior Security Researcher for the Global Research and Analytics Team (GReAT) at Kaspersky, revealed in a recent presentation that targeted phishing, also known as spear phishing, is the vector of infection preferred by APT groups operating in the region.
“We did a report this year which found that the majority (75%) of executives here are aware and even anticipate an APT attack against their organizations. With phishing incidents hitting the roof in just the first six months of the year, enterprises, public entities, and government agencies should understand the impact of one wrong click on their critical networks and systems. We, humans, remain the weakest link and it is time to look beyond training and awareness. Backup security plans – like incident response capabilities – should be in place to stop a phishing email from becoming the launch pad of a damaging attack to your organization,” -Yeo Siang Tiong
Traditional security measures often fail to stop spear phishing attacks because they are so cleverly customized. As a result, they become increasingly difficult to detect. An employee error can have serious consequences for businesses, governments and even non-profit organizations.
With stolen data, fraudsters can reveal commercially sensitive information, manipulate stock prices or commit various acts of espionage. Additionally, spear phishing attacks can use malware to hijack computers and organize them into large networks called botnets, which can be used for denial of service attacks.
To combat spear phishing scams, employees need to be aware of threats, such as the possibility of fake emails ending up in their inboxes. In addition to education, a technology focused on e-mail security is needed. Kaspersky recommends installing protective anti-phishing solutions on employee mail servers and workstations.
For businesses and organizations, Kaspersky proposes to create incident response capabilities that help manage the aftermath of an attack and to include threat intelligence services to gain insight into the evolving threats and tactics of active APT groups.