Kaspersky has released some striking figures on financial fraud in Southeast Asia, with over 336,294 financial scams targeting organizations and businesses in the region.
According to cybersecurity experts, financial fraud attacks are increasing rapidly as cybercriminals continue to improve their tricks and adjust their fraud tactics to become more sophisticated.
The number of attacks increased by 41% compared to the same period last year. This increase can be explained by the strong development of the digital economy and the increasing use of artificial intelligence and automation by cybercriminals. This creates sophisticated phishing content and at the same time, more effective targeting.
Financial fraud is a form of fraud aimed at stealing personal and financial information involving impersonating financial institutions, payment systems, and e-commerce platforms.
Through financial fraud, attackers lure victims into revealing personal and valuable information, such as bank account login credentials, e-wallets, or personal and corporate data stored in these accounts.
Cybercriminals use a variety of sophisticated social engineering techniques to impersonate financial institutions to defraud, threaten, and coerce victims. In some cases, scammers impersonate charities to lure victims into donating to a fake fund.
Thailand recorded the highest number of financial fraud attacks with 141,258 cases, followed by Indonesia with 48,439 cases.
The figure in Vietnam was 40,102 cases, while Malaysia recorded 38,056 phishing attacks related to financial issues.
Singapore and the Philippines recorded the fewest attacks, with 28,591 and 26,080 respectively. Meanwhile, Thailand and Singapore both recorded the highest increases, with 582% and 406% respectively, compared to the same period last year.
To help businesses protect their systems against various cybersecurity threats, including financial fraud attacks, cybersecurity experts recommend the following:
-Keep software up to date on all devices to prevent attackers from exploiting vulnerabilities and breaking into your organization's network.
-Install available patches for commercial VPN solutions that allow employees to access remotely and act as a “gateway” to the corporate network.
-Back up data regularly and ensure quick access to data when needed or in an emergency.
- Avoid downloading and installing pirated software, software of unknown origin or unverified software.
- Do not expose remote desktop/management services (such as RDP, MSSQL…) to the public network unless absolutely necessary. Always use strong passwords, two-factor authentication, and firewall rules to protect these services.
-Monitor network access and activity to detect unusual activities, and limit user access based on actual needs to minimize the risk of unauthorized access and data leakage.
