Based on the latest statistics from Kaspersky, the global cybersecurity company’s Anti-Phishing System prevented 834,993 phishing attempts against companies with 50-250 employees in the first three months of 2020. It’s a 56% increase compared with the same period last year with just over 500k fraudulent attempts blocked.
In terms of per country statistics, all of the six countries in SEA registered an increased number of fraudulent emails blocked by Kaspersky in Q1 2020 as compared with the same period last year.
“In the 21st century, phishing attacks are by far one of the most popular forms of cybercrime, which increases in quality and quantity every day,” said Yeo Siang Tiong, GM for Southeast Asia at Kaspersky. “Its danger can range from a simple virus which can be scanned quickly to a multi-million-dollar heist, such as the case of the Central Bank of Bangladesh back in 2016, which was made possible by a targeted phishing email.”
To further fend off the risk of phishing attacks, Kaspersky experts suggest the following for SMBs:
Educate employees about the basics of cybersecurity
For example, not opening or storing files from unknown emails or websites as they could be harmful to the whole company, or to not use any personal details in their passwords. In order to ensure passwords are strong, staff should not use their name, birthday, street address, and other personal information.
Regularly remind staff of how to deal with sensitive data, for example, to only store it in trusted cloud services that need to be authenticated for access and that it should not be shared with untrusted third parties.
Since the human factor plays an important role in this type of threat, Kaspersky has also launched a 20-30 minutes free online course, which tackles how companies can secure their current remote working environment. It is accessible through this link.
Employ a password-change policy to your employees
Passwords protect all computers and other devices. Your IT security policy should cover strong password use; also set up a password-expiration policy to force users to change their passwords every 90 days. Avoid logging in to online banks and similar services via public Wi-Fi networks. Hotspots are convenient, but it’s better to use a mobile connection or wait to get to a secure network than to lose all of the money on your credit card or in your bank account. Open networks can be created by criminals who, among other things, spoof website addresses over the connection and thereby redirect you to a fake page.
Patches, updates, and legitimate software
Cybercriminals also tend to exploit vulnerabilities in software to compromise systems. For this reason, it is essential to set aside a time to run patches and updates that are regularly issued by software companies. SMBs should also use only legitimate software to avoid falling prey to attackers targeting the security loopholes of pirated tools.
Install comprehensive security software across all your devices
You need security on everything — servers, PCs, and other connected devices. Set it up to stay up to date and renew it on time. As emails are a key communication platform for SMBs, Kaspersky also offers in SEA six months free licenses for Kaspersky Security for Microsoft Office 365. This tool is an advanced, all-in-one threat protection for Microsoft Office 365’s communication and collaboration services. It curbs the spread of malicious threats including ransomware, viruses, Trojans, phishing, among others. Interested companies can find out more about this promo via this link.