Scams continue to be on the rise in Southeast Asia. The latest data from Kaspersky reveals that in just six months, the number of phishing attacks in 2022 has outstripped the number of last years.
Specifically, from January to June 2022, Kaspersky’s Anti-Phishing system blocked 12,127,692 malicious links in Southeast Asia, nearly 1 million more than the total number in 2021 (11,260). .643 cases).
Phishing, a non-technical attack, continues to be one of the main methods cybercriminals use to attack targets, including individual and business users. They are done on a large scale by sending bulk emails impersonating companies or individuals to promote fake pages or infect users through malicious attachments.
The ultimate goal of a phishing attack is to steal information, especially login and financial information, to gain money or, most importantly, affect the entire organization.
Over half of the attacks in Q1 2022 targeted Kaspersky users in Malaysia, the Philippines, and Vietnam. During the same period, the number of phishing emails in Malaysia, the Philippines, Thailand, and Vietnam exceeded the total incidents for 2021.
Besides the individual cases of losing money, a Kaspersky researcher recently sounded the alarm that most of the targeted attack groups (APTs) in the Asia- Pacific region, including Southeast Asia, all use phishing to infiltrate a highly protected network.
An APT attack uses sophisticated, secretive, and persistent techniques to gain access and persist inside a system for a long time, thereby causing potentially destructive consequences.
Because it takes a lot of effort to carry out a successful attack, APT often targets high-value targets, such as countries and large corporations, aiming to steal information within the network. For a long time, rather than simply “entering” and leaving quickly, as many hackers do in lower-level cyberattacks.
To combat online scams, employees need to be aware of threats, such as the ability to recognize phishing emails in their mailboxes. Besides education, technology focused on email security is needed. Kaspersky recommends installing protection solutions on email servers and employees’ work devices.
For businesses and organizations, Kaspersky recommends building incident response capabilities to help deal with the aftermath of an attack and combining threat intelligence services for in-depth knowledge. About the threats and tactics of active APT groups.