Trends: Phishing Against SMBs Increase in Singapore & Region

In the first half of 2020, phishing attempts targeting SMBs in Singapore increased by 61%, mirroring similar increases across South East Asian countries.

Number of phishing attempts against SMBs blocked by Kaspersky Anti-Phishing System, year-on-year.

Number of phishing attempts against SMBs blocked by Kaspersky Anti-Phishing System, year-on-year.

With the COVID-19 pandemic accelerating Singapore’s digitalisation efforts, SMBs have become the focal point of discussion for many, as funding worries and the shift to telecommuting have left them in no man’s land.

“Despite the COVID-19 pandemic, Singapore continues to retain attraction as the region’s premier business hub, and speaks well of the local businesses’ ability to remain resilient despite headwinds from the global slowdown. However, almost half (41%) of businesses continue to express that the high costs of investment – lack of financing and funding – are major barriers holding them back from digitalisation. The implications of this statistic are significant, as it means cybersecurity may not be a key priority for businesses during this period of cost-cutting,” says Stephan Neumeier, Managing Director for Asia Pacific at Kaspersky.

While the Government has launched generous initiatives such as the new training and adult education industry digitalisation plan to augment SMBs’ competitiveness, malicious actors continue to find new ways to test businesses’ digital readiness.

According to Kaspersky’s latest statistics, the global cybersecurity company foiled 89,351 phishing attacks against SMBs in H1 2020, compared to 55,653 in the same period last year.

Although Singapore continues to fare better than their SMB counterparts in Indonesia, Malaysia, Philippines, Thailand and Vietnam to witness the lowest volume of phishing attacks in Southeast Asia, the 61% increase suggests that more can be done by Singapore’s SMBs to improve their cybersecurity.

More details below from the presentation and press release.

Globally, top phishing topics include malicious campaigns using the coronavirus as bait (mask selling scams, donation requests for coronavirus vaccine research funding, scams exploiting coronavirus fears, pandemic-related bonuses and “compensations,” etc.), employee performance appraisals (important messages from HR/admin, Sharepoint invitations and voice messages used as bait, etc.), urgent password check requests, urgent press release notices, email back-up notices, etc.

“Inevitably, the shift to remote working increases the number of cybersecurity risks and we see this turning into a self-fulfilling prophecy, where social engineering attacks in the form of phishing emails have increased substantially this year as more people work from home. The use of company devices to conduct personal tasks or accessing the corporate network on one’s personal device will lead to gaps in cybersecurity, where malicious actors gain additional windows of opportunity to compromise our IT devices and systems. Hence, it is important for SMBs to recognise that they cannot afford any slip ups and mitigate the risk of business disruption by enhancing their cybersecurity protocols,” Neumeier adds.

Apart from phishing attacks, malicious mining is emerging to be a major cybersecurity threat for SMBs in Singapore.Kaspersky foiled 14,141 mining incidents against the devices of businesses in Singapore in 1H 2020, a 90% increase compared to the same period last year.

Malicious mining, also known as cryptojacking, occurs when cybercriminals install a specialised “mining” software to create new coins by drawing upon the computing power of infected computers and devices.

Cryptojacking has also been known to occur when a victim visits a site that has a mining script embedded in the browser.

Although phishing attacks and ransomware are some of the more well-known threats that businesses face, its recent emergence as one of the top threats for SMBs highlights an urgent need to understand this phenomenon better.

Regarding ransomware attacks on SMBs, the Republic also witnessed a 90% decline in the number of ransomware attacks blocked by Kaspersky, with 277 attempts tracked for H1 2020 as compared to 2713 in the same period last year.

Tags: , , , , , , , , , , , ,

2 Responses to “Trends: Phishing Against SMBs Increase in Singapore & Region”

  1. Raymond Lau says:

    Glad to see that Singapore has the lowest incidences of phishing compared to other nations in SEA. Vietnam seems to have the greatest numbers.

Leave a Reply