Cybercriminals attempted more than half a million phishing attacks on businesses across Southeast Asia in 2024, using fake financial websites to steal sensitive information, according to cybersecurity company Kaspersky.
Kaspersky’s business security solutions blocked 534,759 financial phishing attempts in the region last year. Financial phishing schemes trick users into entering banking details on fraudulent sites that resemble legitimate payment platforms.
“The sheer volume of financial phishing attempts we’ve detected in business devices in Southeast Asia is alarming,” said Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky. “The region has become a hotspot for cybercriminals due to its booming digital economy, which is projected to reach $1 trillion by 2030. It is clear that cybercriminals are exploiting the region’s rapid digital adoption, and businesses must remain vigilant.”
Thailand recorded the highest number of phishing attacks on businesses, with 247,560 cases. Indonesia followed with 85,908, while Malaysia saw 64,778. Vietnam, Singapore, and the Philippines each faced between 38,000 and 59,000 attempts.
The role of AI in creating fake websites
“The rise of AI gave way to more convincing fake websites that falling prey is easier than spotting and avoiding them,” Yeo said. “At the same time, the region’s diverse regulatory landscape and varying levels of cybersecurity maturity among businesses make it an attractive target for financially motivated attacks. Now more than ever, it’s critical for businesses here to have the right tools and the access to real-time threat intelligence that they need to stay ahead of these threats.”
Phishing attacks typically spread through emails, fake websites, messaging apps, and social media. Kaspersky advises businesses to use security solutions, educate employees on identifying threats, and stay updated on emerging cyber risks.