In recent months, Southeast Asian businesses have faced an alarming surge in cyber threats, with nearly 500,000 phishing attacks specifically targeting firms in the region. These relentless attempts underscore the critical need for heightened cybersecurity measures to safeguard sensitive data and protect against evolving digital threats.
According to Kaspersky—a security solutions firm—phishing remains a popular deception method used by hackers to infiltrate business networks. The rise of generative AI technology is providing cybercriminals with the ability to create compelling phishing messages, increasing the potency of such scams.
Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky, said, "Phishing is a trusted technique for cybercriminals when it comes to infiltrating business networks because they usually work."
"The evolving technology, especially generative AI, aids the creation of deceptive resources, often blurring the distinguishing line between scam and legitimate communication," Yeo added.
The Philippines topped the list with 163,279 attempts, followed by Malaysia and Indonesia with 124,105 and 97,465 phishing attempts, respectively. Vietnam reported 36,130 incidents, while Thailand and Singapore detected only 25,227 and 9,502 attempts, respectively.
According to Kaspersky, cybercriminals have targeted the financial sector, impersonating reputable banking platforms, payment systems, and digital shops.
Throughout 2023, Kaspersky's solutions detected and blocked 455,708 financial phishing attempts on businesses of various sizes in the Asia Pacific region. These phishing attacks were carried out through a variety of communication channels, such as emails, fraudulent websites, messengers, and social media.
Given the serious impact of employee violations on a company's cybersecurity, Yeo stated, "Our recent study showed employee security violations can be as damaging as external hacking for companies in the Asia Pacific region, which means the human factor continues to play a key role in making businesses vulnerable."
Strategies for Overcoming Human Error
According to Kaspersky, strategies for overcoming human error should include employee education, skill development, and a general strengthening of the company's ability to detect and respond to cyberattacks.
To mitigate the negative effects of successful phishing attacks, Kaspersky experts recommend implementing enterprise security solutions that include anti-phishing software, such as the Advanced Anomaly Control feature found in Kaspersky Endpoint Security for Business Advanced and Kaspersky Total Security for Business.
Additionally, improved decision-making to stay ahead of threats and a more focused allocation of budgets to cybersecurity are recommended. For this purpose, Kaspersky provides services such as the Interactive Protection Simulation, which improves C-level professional education, and Kaspersky Assessments, which identifies security flaws in system configurations.
