PHL saw most financial-related phishing attempts in the region

PHL saw most financial-related phishing attempts in the region

THE PHILIPPINES ranked first in the Southeast Asian region in terms of the number of financial-related phishing attempts on businesses’ devices in 2023, according to global cybersecurity firm Kaspersky.

In a report released on Monday, Kaspersky reported that the Philippines recorded 163,279 detected and blocked financial phishing attempts last year, three times higher than 52,914 cases recorded in 2022. 

This was followed by Indonesia with 97,465 attempts and Vietnam with 36,130 incidents. Thailand and Singapore saw the least number of financial phishing attacks at 25,227 and 9,502, respectively.

“Phishing is a trusted technique for cybercriminals when it comes to infiltrating business networks because they usually work. The rise of generative AI (artificial intelligence) helps cybercriminals to make phishing messages or scam resources more convincing. As a result, it becomes challenging for people to distinguish between a scam and a legitimate communication. That’s why the role of robust security solutions increases,” Kaspersky General Manager for Southeast Asia Yeo Siang Tiong said in a statement.

Kaspersky defined financial phishing as fraudulent resources related to banking, payment systems, and digital shops. Payment system phishing includes platforms or pages impersonating known brands, it said.

“Phishing persuades users to take action which gives a scammer access to your device, accounts, or personal information. By pretending to be a person or organization the users trust, they can more easily infect the victim with malware or steal their information,” Kaspersky said.

“These social engineering schemes ‘bait’ with trust to get valuable information. This could be anything from a social media login, to your entire identity via your social security number. These schemes may urge the user to open an attachment, follow a link, fill out a form, or reply with personal information,” it said.

The cybersecurity firm blocked a total of 455,708 financial phishing attempts targeting companies of various sizes in Southeast Asia last year, it said. This was 44.6% lower than the 822,536 recorded in the previous year.

“Cybercriminals employ various tactics, including financial-related phishing, to deceive employees and trick them into falling victim to an attack… Tools to help safeguard against human error are a vital step forward, but they can’t exclude employee education, skills development, and overall strengthening of the company’s ability to detect and respond to cyberattacks,” Mr. Yeo said.

Firms should prioritize employee education, skills development, and strengthening their ability to detect and respond to cyberattacks, he added. — Aubrey Rose A. Inosante