Netskope Threat Labs: Asia-Based Employees More at Risk of Phishing

Netskope Threat Labs, a team of threat researchers at cybersecurity company Netskope, has published its annual research report dedicated to Asia. The report focuses on three types of threats Asia-based organisations are facing: phishing, malicious content delivery, and data security and genAI.

The Netskope Threat Labs report reveals that phishing remains one of the most common and effective social engineering tactics used by attackers, with 5.5 out of every 1,000 individuals working in Asia clicking on a phishing link monthly. The victims click on links on various channels, including email, messaging apps, social media, ads, and search engine results. This means that a company with 1,000 employees has been exposed to a potential cyber incident 5.5 times each month in the last twelve months. This is almost twice as much as the global average of 2.9 / 1,000.

Attackers, according to Netskope Threat Labs, are leveraging phishing campaigns to steal employees’ credentials to different work or personal services, with cloud services (28%), banking (16%), telco (15%) and social media (14%) being the top targets. Adversaries specifically target the cloud applications employees use at work for various reasons, including stealing sensitive data the employee has access to, leveraging the compromised account to target other employees, or selling access to compromised cloud apps on illicit marketplaces.

Netskope Threat Labs Finds Alarming Risks 

Accessing malicious content is also something users in Asia do at a higher rate than other regions. Each month, 2.3 out of every 100 employees working in Asia attempt to access malicious content on the web or in the cloud, with each instance potentially leading to a cyber incident as well. This is again twice the global rate, according to Netskope Threat Labs.

Malicious content takes multiple forms, from malicious websites delivering various threats or capturing sensitive information (keystrokes, passwords saved in browsers…), or malicious documents hosted in cloud environments delivering malicious payloads if opened. The latter has become prevalent, with users in 86% of organisations downloading malware from cloud apps monthly.

But phishing links and malicious content aren’t the only risks organisations and employees in Asia are regularly being exposed to. The Netskope Threat Labs report also focuses on data protection, and genAI usage and risk, revealing that:

• 19% of employees in Asia violate their organisation’s data security policies monthly, sending sensitive company data into systems, tools, or applications where it is not authorised to go, or to unauthorised recipients.
• GenAI applications are the route of a significant number of data policy violations, with source code (66%) the most common type of sensitive data leaking in genAI prompts, followed by regulated data (26%) and intellectual property (7%). In response, organisations based in Asia are blocking applications that serve no legitimate business purpose at a high rate, with 4.6 genAI apps blocked on average per month—and more than 70 per month in the most extreme cases.

Speaking on the findings, Ray Canzanese, Director at NetskopeThreat Labs, said: “With the constant evolution in employee behaviours and work habits, organisations in Asia are having to mitigate an increasing variety of risk factors and threats. Our analysis illustrates this, with a combination of ‘traditional’ approaches such as phishing and malicious web content, and more recent threats such as genAI data leakage or cloud-delivered malware both succeeding in putting employees and organisations across Asia at risk. These challenges underscore the importance of implementing controls that inspect all types of traffic and instances on a network, from content being presented to end users, to how data is accessed and shared.”