‘Financial sector most targeted by cybercriminals’

THE financial industry was among the most targeted segments by the cybercriminals in the past year in Southeast Asia, cybersecurity and anti-virus provider Kaspersky Lab said.

In a virtual event on Tuesday, the Russian company shared that banks are dealing with numerous cyber threats because of the potential financial gain through phishing tactics.

“The financial industry is very attractive for cybercriminals: they have a lot of money,” Kaspersky Senior Security Researcher Seongsu Park said. Park also noted that cryptocurrency—a digital asse—is vulnerable to cyberattacks due to its relatively less strict security measures.

He cited the common cyber threats for the financial sector; these include email fraud and email account compromise. Park also reiterated phishing and voice phishing or “vishing,” which steals login credentials of the clients.

The researcher also mentioned target ransomware attack with the intent of extortion and “sophisticated attack to steal crucial asset.”

One way of compromising cybersecurity is through digital attacks via mobile, Park explained, noting that it is a device commonly used by the banking clients.

“Nowadays, everyone uses a mobile phone and many people store some financial and important information into the mobile,” he said.

He also observed that cybercriminals were exploiting the current pandemic to steal sensitive information. “Many cybercrimes are using the Covid-19 theme for social engineering, making phishing pages or a scam,” he explained. Some even were spreading fake news about the pandemic, Kaspersky said.

Apart from banks and financial institutions, the most targeted sectors by cybercriminals in the past year include the government, diplomatic, telecommunications, educational, defense, energy, military and information technology companies, the cybersecurity firm enumerated.

Kaspersky said last week that Philippine small businesses and medium-scale businesses (SMBs) trailed those in Indonesia, Thailand and Vietnam in terms of phishing cases targeting companies with 50-250 employees.

“Indonesia registered the most incidents in 2020, followed by Thailand and Vietnam. Each of them logged over half a million attempts,” the company said. “Malaysian, Filipino, and Singaporean SMBs were not spared, with these nations charting a combined 795,052 attempts to visit phishing websites from January to December last year.”

With the evolving threat landscape, Park urged the financial sector to beef up cybersecurity measures.

“It is true that governments and financial organizations are combining efforts to offer lifeboats for SMBs via grants and offers, but we have to accept that cybercriminals will spare no one,” Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky, was quoted in a separate statement of the company as saying.

In a recent statement, several business groups in the Philippines urged the public to be more vigilant when transacting online. They reminded the clients to pay attention to notices and warnings by financial institutions about digital frauds, reminding them to never share online credentials and one-time passwords.

According to the Philippine National Police Anti-Cyber Crime Group, there were 869 online scams recorded from March to September last year, which is 37 percent higher than the 633 incidents registered during the same period in 2019.

Among the online scams are phishing, smishing and vishing, which target bank clients, credit card holders, online shopping and other users of digital financial services.

Image credits: AP