Cybersecurity, Cyber Security, Phishing Email, PhishingCybersecurity

Kaspersky discovers nearly 3 million phishing attempts on SMBs in SEA in 2020

Global cybersecurity company Kaspersky today unmasks the continued phishing campaigns against small and medium businesses (SMBs) in Southeast Asia (SEA). Despite this segment bearing the brunt of the still on-going pandemic, Kaspersky’s Anti-Phishing Technology has blocked a total of 2,890,825 attempts aimed at SMBs in the region last year, a 20% increase compared with 2,402,569 attempts to visit fraudulent urls detected in 2019.

Phishing is a form of cybercrime based on social engineering techniques that involve stealing confidential data from a person’s computer and subsequently using the data for other purposes – from stealing the target’s money to reselling their data. Phishing messages usually take the form of fake notifications from banks, providers, e-pay systems, and other organizations, phishing also can take the form of an almost 100% perfect replica of a trusted website, to which the victim would be lured through phishing messages to later leave their personal data.

In terms of per country cases of phishing targeting companies with 50-250 employees, Indonesia registered the most incidents in 2020, followed by Thailand, and Vietnam. Each of them logged over half a million attempts. Malaysian, Filipino, and Singaporean SMBs were not spared, with these nations charting a combined 795,052 attempts to visit phishing websites from January to December last year.

APT group Lazarus targets the defense industry with ThreatNeedle backdoor

Kaspersky forum emphasizes need to invest in education to boost nations’ cybersecurity defense

SMBs in all six countries in the region have also witnessed increased phishing attempts foiled by Kaspersky Year-on-Year (YOY), the expected aftermath of the segment’s urgent drive to digitalize amidst the pandemic.

“While they serve as the bedrock of our regional economy, SMBs are low-hanging fruits for cybercriminals. These malicious actors are aware that owners are focused on keeping their cash flow more than their cybersecurity, at least for now. Social engineering attacks such as phishing are also the easiest way in. Combining our current stressed minds with the right buzzwords like COVID-19, and now the vaccines, we expect to see this threat being used more to steal money and data from this already battered segment,” said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

Last year’s top 10 countries in terms of phishing attempts against SMBs are Brazil, Russia, the United States, France, Italy, Mexico, Germany, Colombia, Spain, and India.

On a worldwide scale, online phishers exploited the COVID-19 theme, invited victims to non-existent video conferences, and insisted that their targets register with “new corporate services”. Given that the fight against the pandemic is not over yet, Kaspersky predicts that the main trends of 2020 will stay relevant into the near future.

An important trend which businesses in SEA, a region famous for being highly active on social media, should note is the phishing links and emails being shared via online networking platforms. Kaspersky experts have observed that scammers who were spreading their chain mail via social networks and instant messaging applications began to favor the latter in 2020.

Message recipients were promised a discount or prize if they opened a link sent to them. The phishing web page contained a tempting message about a money prize, award, or other, equally desirable, surprises.

“It is true that governments and financial organizations are combining efforts to offer lifeboats for SMBs via grants and offers, but we have to accept that cybercriminals will spare no one. We at Kaspersky, for our part, offers holistic and budget-friendly solutions to help business owners achieve secured digitalization. Amidst the uncertainties, one thing I can say for sure is that building your IT security is always less costly than suffering a cyberattack,” adds Yeo.

To help SMBs secure their cash flow and assets, Kaspersky offers savings for its latest Kaspersky Endpoint Detection and Response Optimum (KEDRO) solution for new and existing customers valid on 10-999 nodes across the region until March 31, 2021.

For KEDRO new and add-on:
– 1 Year License – 33% savings
– 3-Year License – 40% savings

Interested SMB owners can find out more about this promo here.