Based on the latest statistics from Kaspersky, its Anti-Phishing System prevented 834,993 phishing attempts against companies with 50-250 employees in Southeast Asia (SE). That’s a 56% increase compared with the same period last year with just over 500,000 fraudulent attempts blocked.
The statistics mentioned are analyzed from Kaspersky’s solutions for SMBs operating with Windows, Mac OS, and Linux.
One of the key features of the global security company’s Anti-Phishing System detects all instances when a user tries to follow a link, ones that are not yet enrolled in Kaspersky’s databases.
“The financial toll combined with the urgent need to adapt to a forced remote working arrangement without enough preparation undoubtedly put the IT security of SMBs on the edge,” said Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky. “At the same time, cybercriminals are unethically piggybacking on the current chaos to increase their attacks’ success rate through social engineering tactics like phishing. Our data revealed such attempts are increasing as our technology foiled more phishing attempts this year than in 2019.”
In terms of per country statistics, all of the six countries in SEA registered an increased number of fraudulent emails blocked by Kaspersky in Q1 2020 as compared with the same period last year.
Specially created with the SMBs’ security needs in mind, Kaspersky is giving six months free licenses for Kaspersky Security for Microsoft Office 365. Designed to protect mailboxes from viruses, Trojans, spam, phishing, and other types of malware that can be spread via email, this solution also protects cloud-oriented enterprise communication and collaboration apps such as Microsoft Exchange Online, OneDrive, SharePoint Online and Teams from known and unknown cyberthreats.
(Find out more about this promo via this link.)
Kaspersky experts suggest the following tips for SMBs to avoid being lured by cybercriminals through phishing:
- Teach employees about the basics of cybersecurity. For example, not opening or storing files from unknown emails or websites as they could be harmful to the whole company, or to not use any personal details in their passwords. In order to ensure passwords are strong, staff shouldn’t use their name, birthday, street address, and other personal information.
- Regularly remind staff of how to deal with sensitive data, for example, to only store it in trusted cloud services that need to be authenticated for access and that it should not be shared with untrusted third parties.
- Enforce the use of legitimate software, downloaded from official sources.
- Make backups of essential data and regularly update IT equipment and applications to avoid unpatched vulnerabilities that could cause a breach.