Malaysia Holds Top Three Spot for Phishing Attacks in Southeast Asia
Data from Kaspersky shows that email phishing attacks in Malaysia remain at an alarming rate. In 2022, Kaspersky Anti-Phishing System blocked 8,267,013.
According to Cybersecurity Malaysia, Malaysia reported 4,741 cyber threats in 2022, and already recorded 456 fraud cases as of February 2023. To raise the red flag further, a total loss of RM27 million as of February 2023 was already recorded by The National Scam Response Centre (NSRC).
Methodology: The number represents the malicious mailings blocked by Kaspersky Anti-Phishing system in 2022 in Malaysia, for both individual and enterprise users.
“Malaysia remains top three amongst its Southeast Asian peers in terms of malicious emails blocked by Kaspersky. It’s important to note that the increased phishing trend is observed not just in Malaysia but globally. This tactic remains a go-to infection technique for cybercriminals because phishing as a social engineering is really effective and easy to conduct. As the bad actors continue to be creative to hack our human minds through topics we care about, we need to continuously raise our awareness and really act on protecting our devices against cyber threats,” says Adrian Hia, Managing Director for Asia Pacific at Kaspersky.
Globally, the number of phishing attacks increased markedly last year. Kaspersky’s Anti-Phishing system prevented 507,851,735 attempts to follow a phishing link.
In 2022, pages impersonating delivery services had the highest percentage of clicks on phishing links blocked by our solutions (27.38%). Online stores (15.56%), which were popular with attackers during the pandemic, occupied second place. Payment systems (10.39%) and banks (10.39%) ranked third and fourth, respectively.
The rating of organizations targeted by phishers is based on the triggering of the deterministic component in the Anti-Phishing system on user computers. The component detects all pages with phishing content that the user has tried to open by following a link in an email message or on the web, as long as links to these pages are present in the Kaspersky database.
“Recently, we’ve seen an increase in targeted phishing attacks where scammers don’t immediately move on to the phishing attack itself, but only after several introductory emails where there is active correspondence with the victim. Our experts predict that this trend is likely to continue. New tricks are also likely to emerge in the corporate sector in 2023, with attacks generating significant profits for attackers,” adds Hia.
To make sure that you don’t become a phishing attack victim, here are some precautionary steps you should always take to avoid phishing.
- Learn to recognize phishing attacks: make sure yourself familiar with what all types of phishing attacks look like. When you receive them, delete them immediately.
- Report phishing attacks: Once you have avoided a phishing attack, report the attack. This will allow companies to step up security and ensure they’re keeping customer accounts safe.
- Get antivirus and anti-phishing software: Most digital security companies have software that has anti-phishing components built-in. Many will allow you to filter out phishing messages as spam, so you don’t even see them. Make sure you are using an antivirus program that would also remove any virus on your computer and that would help heal any damage done if any bad actors had installed malware on your devices.