Reader Advisory

Some articles posted in The SlickMaster's Files may contain themes, languages, and content which may neither appropriate nor appealing to certain readers. READER DISCRETION is advised.

Thursday, May 21, 2020

Kaspersky blocks 56% increase on phishing attempts against SEA SMBs in Q1 2020

05/21/2020 11:07:44 AM

As the year 2020 has let us saw some of the surprisingly-worst tales of events unfolding right in our very eyes, here's a piece of news that delivers immediate concern, too: small and medium businesses need improved security capabilities as remote working continues. That came after Kasperksy's anti-phishing technology has been triggered for more than 800k times from the first three months (January to March 2020). 

It was a very busy quarter for cybercriminals and every small and medium business (SMBs) in Southeast Asia (SEA).  The global cybersecurity company’s Anti-Phishing System prevented 834,993 phishing attempts against companies with 50-250 employees, a 56% increase compared with the same period last year with just over 500k fraudulent attempts blocked.

In its press release, Kaspersky expounded the huge numbers and how their anti-phishing system managed to get a hold on them. 

The rating of organizations targeted by phishing attacks is based on the triggering of the heuristic component in the Anti-Phishing system on user computers. This component detects all instances when the user tries to follow a link in an e-mail or on the Internet to a phishing page in cases when such link has yet to be added to Kaspersky’s databases. The statistics mentioned are analyzed from Kaspersky’s solutions for SMBs operating with Windows, Mac OS, and Linux.

“The financial toll combined with the urgent need to adapt to a forced remote working arrangement without enough preparation undoubtedly put the IT security of SMBs on the edge. At the same time, cybercriminals are unethically piggybacking on the current chaos to increase their attacks’ success rate through social engineering tactics like phishing. Our data revealed such attempts are increasing as our technology foiled more phishing attempts this year than in 2019,” said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

Phishing is known to be one of the most flexible types of social engineering attacks. Cybercriminals tend to disguise their attacks in so many forms and purposes, with a sole purpose – that is to trick minds and exploit human emotions to victimize users online. And with the pandemic that currently plagues the world, Cybercriminals are also bank on topics and “hot phrases” related to COVID-19 into their content, which boosts the chances of their infected links or malicious attachments getting opened.

The damage of this online crime ranges from hacked companies’ networks to stolen confidential data like personally identifiable information (PII), financial credentials, and even corporate secrets. Aside from this, some of the phishing attacks that posses malicious links or attachments are popularly used as launch pads for targeted attacks on organizations, such as the case of the $81M Bangladesh Bank Heist. 

All of the six countries in SEA registered an increased number of fraudulent emails blocked by Kaspersky in Q1 2020 as compared with the same period last year.

Q1 2020
Q1 2019

Number of phishing attempts against SMBs blocked by Kaspersky Anti-Phishing System

“Small and medium enterprises form the backbone of SEA’s growing economy, contributing immensely on both gross domestic product and employment. It is clear that governments across the region are aware of this as each has formulated different ways to help the sector during this challenging period. For our part, we are currently offering our select solutions for free to help SMBs and even the healthcare industry fend off escalating cyberattacks against them,” added Yeo.

Especially created with the SMBs’ security needs in mind, Kaspersky is giving six months free licenses for Kaspersky Security for Microsoft Office 365. Designed to protect mailboxes from viruses, Trojans, spam, phishing and other types of malware that can be spread via email, this solution also protects cloud-oriented enterprise communication and collaboration apps such as Microsoft Exchange Online, OneDrive, SharePoint Online and Teams from known and unknown cyberthreats. Find out here for more information. 

Meanwhile, Kaspersky, in collaboration with Area9 Lyceum, has also prepared a 20-30 minutes free online course on how to adapt to working safely from home, divided into two parts: 

  • Physical safety: What is COVID-19 and how should we all behave in order to minimize our chances of catching the disease.
  • Cybersafety: How we can protect our workplace from cybercriminals, as we work from home.

Aside from these, Kaspersky experts suggest the following tips for SMBs to avoid being lured by cybercriminals through phishing:

  • Teach employees about the basics of cybersecurity. For example, not opening or storing files from unknown emails or websites as they could be harmful to the whole company, or to not use any personal details in their passwords. In order to ensure passwords are strong, staff shouldn’t use their name, birthday, street address, and other personal information.
  • Regularly remind staff of how to deal with sensitive data, for example, to only store it in trusted cloud services that need to be authenticated for access and that it should not be shared with untrusted third parties.
  • Enforce the use of legitimate software, downloaded from official sources.
  • Make backups of essential data and regularly update IT equipment and applications to avoid unpatched vulnerabilities that could cause a breach.

Author: slickmaster | © 2020 The SlickMaster's Files

No comments:

Post a Comment

Feel free to make a comment as long as it is within the bounds of the issue, and as long as you do it with decency. Thanks!