Connect with us

Asia

Kaspersky: 2020 sees nearly 3 million phishing attempts aimed at SMBs in SEA

Published

on

Global cybersecurity company Kaspersky on Wednesday (10 Mar) unmasked the continued phishing campaigns against small and medium-sized businesses (SMBs) in Southeast Asia (SEA).

Despite this segment bearing the brunt of the still ongoing pandemic, Kaspersky’s Anti-Phishing Technology has blocked a total of 2,890,825 attempts aimed at SMBs in the region last year – a 20 per cent increase compared with 2,402,569 attempts to visit fraudulent urls detected in 2019.

For those who are unaware, phishing is a form of cybercrime based on social engineering techniques that involves stealing confidential data from a person’s computer and subsequently using the data for other purposes – from stealing the target’s money to reselling their data.

Phishing messages usually take the form of fake notifications from banks, providers, e-pay systems, and other organisations. Phishing also can take form of an almost 100 per cent perfect replica of a trusted website, to which the victim would be lured through phishing messages to later leave their personal data.

In terms of per country cases of phishing targeting companies with 50-250 employees, Indonesia registered the most incidents in 2020, followed by Thailand and Vietnam, according to Kaspersky’s Spam and Phishing Report 2020.

Each of them logged over half a million attempts. Malaysian, Filipino, and Singaporean SMBs were not spared, with these nations charting a combined 795,052 attempts to visit phishing websites from January to December last year.

Phishing detections against SMBs in SEA with global ranking in 2020 based on Kaspersky Anti-Phishing Technology

SMBs in all six countries in the region have also witnessed an increased phishing attempts foiled by Kaspersky Year-on-Year (YOY), an expected aftermath of the segment’s urgent drive to digitalise amid the pandemic.

“While they serve as the bedrock of our regional economy, SMBs are low-hanging fruits for cybercriminals. These malicious actors are aware that owners are focused on keeping their cash flow more than their cybersecurity, at least for now,” said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

“Social engineering attacks such as phishing is also the easiest way in. Combining our current stressed minds with the right buzzwords like COVID-19, and now the vaccines, we expect to see this threat being used more to steal money and data from this already battered segment,” he added.

Last year’s top 10 countries in terms of phishing attempts against SMBs are Brazil, Russia, USA, France, Italy, Mexico, Germany, Colombia, Spain, and India.

On a worldwide scale, online phishers exploited the COVID-19 theme as they invited victims to non-existent video conferences and insisted that their targets register with “new corporate services”.

Given that the fight against the pandemic is not over yet, Kaspersky predicts that the main trends of 2020 will stay relevant into the near future.

An example of a fraudulent email inviting victims to attend a fake video conference (Source: Kaspersky)

An important trend which businesses in SEA – a region famous for being highly active on social media – should note about is the phishing links and mails being shared via online networking platforms.

Kaspersky experts have observed that scammers who were spreading their chain mail via social networks and instant messaging applications began to favor the latter in 2020.

Message recipients were promised a discount or prize if they opened a link sent to them. The phishing web page contained a tempting message about a money prize, award, or other – equally desirable – surprises.

“It is true that governments and financial organisations are combining efforts to offer lifeboats for SMBs via grants and offers, but we have to accept that cybercriminals will spare no one,” said Mr Yeo.

We at Kaspersky, for our part, offers holistic and budget-friendly solutions to help business owners achieve secured digitalisation. Amidst the uncertainties, one thing I can say for sure is that, building your IT security is always less costly than suffering a cyberattack,” he added.

Kaspersky experts also suggest the following tips for SMBs and employees to avoid being lured by cybercriminals through phishing:

  • Teach employees about the basics of cybersecurity. For example, not opening or storing files from unknown emails or websites as they could be harmful to the whole company, or to not use any personal details in their passwords. In order to ensure passwords are strong, staff shouldn’t use their name, birthday, street address, and other personal information.
  • Regularly remind staff of how to deal with sensitive data, for example, to only store it in trusted cloud services that need to be authenticated for access and that it should not be shared with untrusted third parties.
  • Enforce the use of legitimate software, downloaded from official sources.
  • Make backups of essential data and regularly update IT equipment and applications to avoid unpatched vulnerabilities that could cause a breach.
  • Configure Wi-Fi encryption. It is imperative to configure your network connection correctly, and set your router’s log-in and password regularly.
  • Use a VPN if connecting to Wi-Fi networks that don’t belong to you. When you’re connected through a VPN, all of your data will be encrypted regardless of the network settings, and outsiders will not be able to read it.
  • Use corporate services for e-mail, messaging, and all other work. Stick to corporate resources when exchanging documents and other information. Those cloud drives, but configured for business, are generally far more reliable than the free user versions.
  • Protect devices with an antivirus solution. It is vital that you install a reliable security solution on all devices that handle corporate data.
Continue Reading
1 Comment
Subscribe
Notify of
1 Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments

Asia

Up to 200 athletes tested for doping so far at Asian Games

Between 150 and 200 Asian Games athletes tested for doping, yielding no positive results. Anti-doping efforts emphasized for a clean event, focusing on record-breakers.

Published

on

HANGZHOU, CHINA — Between 150 and 200 Asian Games athletes have already been tested for doping, the Olympic Council of Asia said on Monday, with no positive results so far.

Speaking at an anti-doping press conference on the second full day of the Games in the Chinese city of Hangzhou, the OCA said dope-testing was “gaining momentum” at the event.

Mani Jegathesan, an adviser to the OCA anti-doping committee, warned that drug cheats would be rooted out.

Up to 200 athletes have been tested so far, he said, but any positive results will take several days to come through.

“Every athlete participating in these Games must understand that they could be picked at any time,” Jegathesan warned.

“That is the best step to ensuring we have a clean event.”

There are about 12,000 athletes at the 19th Asian Games, more competitors than the Olympics, and Jegathesan admitted it would be impossible to test them all.

Instead, they will prioritise, including picking out those who break world or Asian records.

— AFP

Continue Reading

Asia

Foodpanda’s restructuring amid sale speculations

Food delivery giant Foodpanda, a subsidiary of Delivery Hero, announces staff layoffs in the Asia-Pacific region, aiming for increased efficiency. This move coincides with ongoing talks about potentially selling parts of its 11-year-old business.

Published

on

Foodpanda, a subsidiary of Delivery Hero, is initiating undisclosed staff reductions in the Asia-Pacific region, as discussions continue regarding the potential sale of a portion of its 11-year-old food delivery business.

In a memorandum circulated to employees on 21 September, Foodpanda CEO Jakob Angele conveyed the company’s intent to become more streamlined, efficient, and agile.

Although the exact number of affected employees was not disclosed, the emphasis was on enhancing operational efficiency for the future.

No mention was made in the memo regarding the reports of Foodpanda’s potential sale in Singapore and six other Southeast Asian markets, possibly to Grab or other interested buyers.

Foodpanda had previously conducted staff layoffs in February and September 2022. These actions come as the company faces mounting pressure to achieve profitability, particularly in challenging economic conditions.

The regulatory filings of Foodpanda’s Singapore entity for the fiscal year 2022, ending on 31 Dec, indicated a loss of S$42.7 million despite generating revenue of S$256.7 million.

Angele further explained that Foodpanda intends to review its organizational structure, including both regional and country teams, with some reporting lines being reassigned to different leaders. Additionally, certain functions will be consolidated into regional teams.

Expressing regret over the challenging decisions, Angele assured affected employees of a severance package, paid gardening leave, and extended medical insurance coverage where feasible.

Foodpanda will also forego the usual waiting period for long-term incentive plan grants, and vesting will continue until the last employment date. Employees will retain all vested shares as of their last day of employment.

Foodpanda, established in 2012 and headquartered in Singapore, became a part of Delivery Hero in 2016. The company operates in 11 markets across the Asia-Pacific region, excluding its exit from the Japanese market last year.

Continue Reading

Trending