Financial phishing attacks in Southeast Asia rose by 41% in the first half of 2024, driven by advanced cybercriminal tactics like AI and social engineering. Kaspersky advises businesses to strengthen cybersecurity measures, educate employees, and adopt robust technologies to counter this growing threat.
26 November 2024 – Kaspersky’s anti-phishing technologies detected over 336,000 phishing attempts targeting organizations and businesses in Southeast Asia from January to June 2024. These attacks, mimicking e-commerce, banking, and payment platforms, aimed to steal sensitive data such as credentials. The volume of financial phishing incidents increased by 41% compared to the same period last year, driven by digital adoption and cybercriminals’ use of artificial intelligence (AI) and automation to create convincing scams.
Adrian Hia, Managing Director for Asia Pacific at Kaspersky, noted that the surge is fueled more by an uptick in fraudulent activity than by a lack of user vigilance. “Cybercriminals are becoming more aggressive in their pursuit of users’ data and money, targeting individuals and corporate devices alike,” he said.
Thailand led the region with 141,258 attacks, followed by Indonesia (48,439) and Vietnam (40,102). Malaysia recorded 38,056 incidents, while Singapore and the Philippines had the lowest numbers at 28,591 and 26,080 respectively. However, Thailand and Singapore saw the steepest year-over-year increases, at 582% and 406% respectively.
Financial phishing uses deceptive schemes to trick victims into providing personal or corporate information, often through fake emails, websites, or messages that impersonate legitimate entities. Attackers have increasingly used social engineering tactics, including deepfakes, to exploit fear and manipulate victims.
Hia warned that financial phishing will continue evolving, particularly targeting the banking, insurance, and e-commerce sectors. “Organizations must adopt robust security measures, educate their workforce, and stay vigilant against sophisticated threats like fake apps, deepfake videos, and voice messages,” he advised.
Kaspersky recommends a multi-pronged approach to counter cyber threats, including updating software, regular data backups, monitoring networks for unusual activity, and implementing strong passwords and two-factor authentication. Companies should also establish Security Operations Centers (SOC), leverage threat intelligence, and train employees using tools like the Kaspersky Automated Security Awareness Platform.
With threats growing in sophistication, businesses across Southeast Asia are urged to prioritize cybersecurity investments to protect sensitive data and maintain trust in digital financial services.