HCM CITY — Cybercriminals have actively attacked small and medium businesses (SMBs) in Southeast Asia this year, according to global cybersecurity company Kaspersky.

It said its anti-phishing system prevented 834,993 phishing attempts against companies with 50-250 employees, a 56 per cent increase from the same period last year.

The statistics were collated from Kaspersky’s solutions for SMBs using Windows, Mac OS, and Linux.

Yeo Siang Tiong, general manager for Southeast Asia, Kaspersky, said: “The financial toll combined with the urgent need to adapt to a forced remote working arrangement without enough preparation undoubtedly put the IT security of SMBs on the edge.

“At the same time, cybercriminals are unethically piggybacking on the current chaos to increase their attacks’ success rate through social engineering tactics like phishing. Our data revealed such attempts are increasing as our technology foiled more phishing attempts this year than in 2019.”

Phishing is one of the most flexible types of social engineering attack, as it can be disguised in many ways and used for different purposes. Social engineering attacks, or tricking the mind, exploit human emotions to victimise users online.

Cybercriminals are also incorporating topics and “hot phrases” related to COVID-19 into their content, increasing the chances of their infected links or malicious attachments getting opened.

The damage ranges from hacking companies’ networks to stealing confidential data like personally identifiable information, financial credentials and even corporate secrets.

Besides, it is known that phishing attacks, particularly those with malicious links or attachments, are commonly used as launch pads for targeted attacks on organisations.

Indonesia, Malaysia, the Philippines, Singapore, Thailand, and Việt Nam registered an increased number of fraudulent emails blocked by Kaspersky in Q1 compared to the same period last year.

Number of phishing attempts against small and medium-sized businesses in Southeast Asia blocked by Kaspersky Anti-Phishing System in the first quarter of the year. — Photo courtesy of Kaspersky

“Small and medium enterprises form the backbone of SEA’s growing economy, contributing immensely to both gross domestic product and employment.

“It is clear that governments across the region are aware of this as each has formulated different ways to help the sector during this challenging period.

“For our part, we are currently offering our select solutions for free to help SMBs and even the healthcare industry fend off escalating cyberattacks against them,” Yeo said.

It is giving six months’ free licences for Kaspersky Security for Microsoft Office 365, and, in collaboration with Area9 Lyceum, has also prepared a 20-30-minute free online course on how to adapt to working safely from home.

Besides, to avoid being hacked by cybercriminals through phishing,  Kaspersky experts suggested SMBs should teach employees the basics of cybersecurity, regularly remind them about how to deal with sensitive data, enforce the use of legitimate software and download from official sources, back up essential data, and regularly update IT equipment and applications. — VNS