Thai businesses most targeted in Asean for financial phishing
Sign up now: Get insights on Asia's fast-moving developments
Thai enterprises experienced over 240,000 attempted financial phishing attacks in 2024.
PHOTO: AFP
BANGKOK – Thai businesses are facing a surge in financial phishing attacks, and cyber criminals are exploiting the region’s burgeoning digital economy, according to a report by global cyber security firm Kaspersky.
The company revealed that Thai enterprises were the most targeted in South-east Asia, experiencing more than 240,000 attempted attacks in 2024.
Kaspersky’s data shows that its business security solutions blocked a staggering 534,759 attempts to open financial phishing links across South-east Asia in 2024.
These attacks targeted businesses of all sizes, with criminals using deceptive links distributed via e-mail, fake websites, messaging apps, and social media platforms.
“Financial phishing” specifically targets banks, payment systems, and online retailers, employing fake websites designed to mimic legitimate platforms and trick users into divulging sensitive financial information.
Mr Yeo Siang Tiong, general manager for South-east Asia at Kaspersky, expressed alarm at the volume of attacks.
He said: “The sheer number of financial phishing attempts detected on business devices in South-east Asia is deeply concerning.
“With the region’s digital economy expected to reach US$1 trillion (S$1.33 trillion) by 2030, it has become a prime target for cyber criminals, and businesses must remain vigilant.”
Thailand recorded the highest number of attempted attacks (247,560), followed by Indonesia (85,908) and Malaysia (64,779). Vietnam saw 59,560 attempts, while Singapore and the Philippines recorded just over 38,000 each.
Mr Yeo highlighted the role of artificial intelligence in escalating the threat.
He explained: “AI has enabled the creation of increasingly convincing fake websites, making it easier for users to fall victim (to scams).
“Coupled with the region’s diverse regulatory landscape and varying levels of cyber security readiness, South-east Asia presents a significant target for financially motivated attacks. Businesses require robust tools and real-time threat intelligence to stay ahead.”
Kaspersky experts have issued recommendations to mitigate the risk of phishing attacks.
For individuals:
Open only e-mails and click links from trusted senders.
Verify suspicious messages with the sender via alternative communication channels.
Carefully check website URLs for spelling errors.
Use reputable security software with up-to-date threat intelligence.
For businesses:
Conduct regular cyber security awareness training for employees.
Implement robust e-mail gateway protection to filter out malicious content.
Install comprehensive security solutions with anti-phishing technology on all business devices.
Mr Yeo said: “Regular staff training is crucial, as employees must be able to recognise social engineering tactics and identify fraudulent communications.
“For instance, fake e-mails from reputable companies like Booking.com often originate from free e-mail addresses – a clear red flag.” THE NATION/ASIA NEWS NETWORK
