Cybercriminals have actively attacked small and medium businesses (SMB’s) in Southeast Asia this year, according to global cybersecurity company Kaspersky. It said its anti-phishing system prevented 834,993 phishing attempts against companies with 50-250 employees, a 56% increase from the same period last year.
Yeo Siang Tiong, General Manager for Southeast Asia, Kaspersky, said that the statistics were collated from Kaspersky’s solutions for SMBs using Windows, Mac OS, and Linux and that, “The financial toll combined with the urgent need to adapt to a forced remote working arrangement without enough preparation undoubtedly put the IT security of SMBs on the edge.”
Yeo added that, “At the same time, cybercriminals are unethically piggybacking on the current chaos to increase their attacks’ success rate through social engineering tactics like phishing. Our data revealed such attempts are increasing as our technology foiled more phishing attempts this year than in 2019.”
Phishing is one of the most flexible types of social engineering attack, as it can be disguised in many ways and used for different purposes. Social engineering attacks, or tricking the mind, exploit human emotions to victimize users online.
Cybercriminals are also incorporating topics and “hot phrases” related to COVID-19 into their content, increasing the chances of their infected links or malicious attachments getting opened.
The damage ranges from hacking companies’ networks to stealing confidential data like personally identifiable information, financial credentials and even corporate secrets. Phishing attacks, particularly those with malicious links or attachments, are commonly used as launch pads for targeted attacks on organisations.
Indonesia, Malaysia, the Philippines, Singapore, Thailand, and Vietnam have all registered an increase in the number of fraudulent emails blocked by Kaspersky in Q1 compared to the same period last year.
|Phishing attempts against small and medium-sized businesses in Southeast Asia blocked by Kaspersky Anti-Phishing System in
the first three months of 2020
Kaspersky’s Yeo commented on the SEA phishing statistics and said that, “Small and medium enterprises form the backbone of SEA’s growing economy, contributing immensely to both gross domestic product and employment.
“It is clear that governments across the region are aware of this as each has formulated different ways to help the sector during this challenging period.
“For our part, we are currently offering our select solutions for free to help SMB’s and even the healthcare industry fend off escalating cyberattacks against them,.”
In order to avoid being hacked by cybercriminals through phishing, Kaspersky experts suggested SMB’s should teach employees the basics of cybersecurity, regularly remind them about how to deal with sensitive data, enforce the use of legitimate software and download from official sources, back up essential data, and regularly update IT equipment and applications.
To support SMB’s, Kaspersky is giving free six month licenses for its “Kaspersky Security for Microsoft Office 365”, and, in collaboration with Area9 Lyceum, has also prepared a 20-30-minute free online course on how to adapt to working safely from home.