In a concerning revelation, Kaspersky, a leading cybersecurity firm, has released data indicating that email phishing attacks in Malaysia continue to occur at an alarming rate. According to Kaspersky’s Anti-Phishing System, a staggering 8,267,013 attacks were blocked in 2022, highlighting the severity of the issue.
Adding to the urgency, Cybersecurity Malaysia reported a total of 4,741 cyberthreats in 2022, and as of February 2023, 456 fraud cases have already been recorded. Furthermore, The National Scam Response Centre (NSRC) has reported a significant loss of RM27 million as of February 2023.
Among its Southeast Asian counterparts, Malaysia ranks among the top three in terms of malicious emails blocked by Kaspersky. However, it is essential to note that the surge in phishing attacks is not limited to Malaysia alone; it is a global trend. Phishing continues to be a favored technique for cybercriminals due to its effectiveness and ease of execution as a social engineering method. With hackers becoming increasingly adept at exploiting human vulnerabilities by targeting topics of personal interest, it is crucial for individuals to raise awareness and take proactive measures to protect their devices from cyberthreats.
Adrian Hia, Managing Director for Asia Pacific at Kaspersky, emphasizes, “As the bad actors continue to be creative to hack our human minds through topics we care about, we need to continuously raise our awareness and really act on protecting our devices against cyberthreats.”
Globally, the number of phishing attacks witnessed a significant surge in the previous year. Kaspersky’s Anti-Phishing system successfully thwarted 507,851,735 attempts to access phishing links.
In terms of industries targeted by phishing attacks, delivery services impersonations accounted for the highest percentage of clicks on blocked phishing links (27.38%) in 2022. Online stores (15.56%) held the second position, as they were popular targets during the pandemic. Payment systems (10.39%) and banks (10.39%) ranked third and fourth, respectively.
The rating of organizations targeted by phishers is determined by the Anti-Phishing system’s deterministic component on user computers. This component detects any pages containing phishing content that users attempt to open via email or web links, as long as these links are present in the Kaspersky database.
Hia adds, “Recently, we’ve seen an increase in targeted phishing attacks where scammers don’t immediately move on to the phishing attack itself, but only after several introductory emails where there is active correspondence with the victim. Our experts predict that this trend is likely to continue. New tricks are also likely to emerge in the corporate sector in 2023, with attacks generating significant profits for attackers.”
To protect yourself from falling victim to phishing attacks, it is essential to adopt precautionary measures. Here are some steps to follow:
- Learn to recognize phishing attacks: Familiarize yourself with different types of phishing attacks and their characteristics. If you receive suspicious emails, delete them immediately.
- Report phishing attacks: In the event that you successfully avoid a phishing attack, report the incident. This action helps companies enhance security measures and safeguard customer accounts.
- Install antivirus and anti-phishing software: Utilize digital security software that includes anti-phishing features. Such software can filter out phishing messages as spam, ensuring they never reach your inbox. Additionally, employ an antivirus program that can remove viruses and repair any damage caused by malware.