The attacks were impersonating e-commerce, banking, and payment brands and were aimed at stealing credentials and other sensitive data.
Financial phishing attacks are rapidly increasing in the country as cybercriminals continuously evolve and adapt their tactics, making them sophisticated. The number of attacks rose by 41 % compared to the corresponding period last year, underpinned by increased digital adoption and the use of artificial intelligence and automation by threat actors to render convincing content and target victims more effectively.
“The pool of potential victims has grown larger over the past few years given the increased usage of online banking and digital financial services. Kaspersky experts attribute this sharp rise to an increase in fraudulent activity rather than a decline in user vigilance: cybercriminals are becoming more aggressive in their pursuit of users’ data and money, including for those from corporate devices,” says Adrian Hia, Managing Director for Asia Pacific at Kaspersky.
Financial phishing is a type of phishing which refers to fraudulent resources related to banking, payment systems and digital shops.
Through financial phishing, attackers deceptively manipulate victims to divulge their personal and valuable information such as login credentials to financial accounts, as well as other personal or corporate information that is stored in those accounts. They are employing advanced social engineering schemes masquerading as, financial institutions, to deceive, invoke fear and exhort victims, and in some instances impersonate charitable organisations to trick victims into making contributions.
Thailand logged the highest number of financial phishing attacks at 141,258, followed by Indonesia with 48,439. Vietnam experienced 40,102 attacks while Malaysia registered 38,056 phishing attacks related to financial matters.
Singapore and the Philippines chalked up the least number of this threat at 28,591 and 26,080 respectively. Thailand and Singapore both registered the two highest increases of 582 % and 406 % respectively compared to the corresponding period last year.
Country Numbers of financial phishing attacks detected by Kaspersky
January – June 2024
Indonesia 48,439
Malaysia 38,056
Philippines 26,080
Singapore 28,591
Thailand 141,258
Vietnam 40,102
Total 336,294
“Financial phishing will continue to evolve in this region and sectors like banking, insurance and e-commerce will remain prime targets. Apart from traditional phishing emails, cybercriminals will also continue to exploit social media and messaging platforms to spread fraudulent links, fake pages and apps. With deepfakes growing prevalent, we will also see an increase in fake videos and voice messages that are highly sophisticated and harder to detect. It is imperative now more than ever for companies to step up their security measures, by implementing robust security solutions, adopting best practices and training their workforce to raise awareness of cyber threats and how to protect themselves and their organisations,” adds Hia.
To help companies protect their systems against the wide range of cyberthreats, including but not limited to phishing, Kaspersky experts recommend:
A. Process and Best Practices
1. Always keep software updated on all the devices to prevent attackers from exploiting vulnerabilities and infiltrating the organisation’s network.
2. Promptly install available patches for commercial VPN solutions providing access for remote employees and acting as gateways in your network.
3. Back up data regularly and ensuring they can be accessed quickly when needed or in an emergency.
4. Avoid downloading and installing pirated software or software from unknown/unverified sources.
5. Do not expose remote desktop/management services (such as RDP, MSSQL, etc.) to public networks unless absolutely necessary and always use strong passwords, two-factor authentication and firewall rules for them.
6. Monitor access and activity by having visibility over the network to spot any unusual activity, and controlling user access to as-needed, and as-required basis to minimise risks of unauthorised access and data leak.
7. Draft a security emergency playbook and ensure it is current. Kaspersky can conduct tabletop exercises to help run through the emergency drill.
8. Assess and audit your supply chain and managed services access to your environment. Kaspersky offers compromise assessment services if you suspect that you may be compromised.
B. Set up a Security Operations Centre
1. Set up a security operation centre (SOC) using an SIEM (security information and event management) tool like Kaspersky Unified Monitoring and Analysis Platform, a unified console for monitoring and analysing information security incidents, and solutions such as Kaspersky Next XDR Expert, a robust cybersecurity solution that defends against sophisticated cyber threats.
2. Use the latest Threat Intelligence information to have in-depth visibility into cyber threats targeting your organisation and provide your InfoSec professionals with the most comprehensive and up-to-date information regarding potential malicious actors and their TTPs.
3. Employ Kaspersky Professional Services to optimise the workload of your heavily challenged IT department. Kaspersky experts assess the state of your current IT security, then deploy and configure Kaspersky software quickly and properly to ensure hassle-free ongoing performance.
4. If your company does not have a dedicated IT security function and only has generalist IT admins who may lack the specialist skills required for expert-level detection and response solutions, consider subscribing to a managed service such as Kaspersky MDR. This would instantly boost your security capabilities by an order of magnitude while allowing you to focus on building in-house expertise.
5. For the protection of very small businesses, use solutions intended to help you manage your cybersecurity even without having an IT administrator on board. Kaspersky Small Office Security provides you with hands-off security due to 'install and forget' protection and saves the budget which is crucial, particularly in the early stages of business development.
6. Kaspersky offers SOC maturity assessment to help organisations identify gaps in security operations and opportunities for improvement.
C. People
1. Educate employees and improve their cybersecurity literacy through tools such as Kaspersky Automated Security Awareness Platform - Employees should be aware of the risks of cybersecurity threats and how to protect themselves and their organisation from them.
2. Train and upskill your cybersecurity team/professionals with Kaspersky Expert training to advance their skills and defend the organisation against attacks.
3. Educate your C-level executives with interactive cyber games like Kaspersky Interactive Prevention Simulation.