By Shannon Murphy, Global Risk and Security Strategist, Trend Micro
Driven by a growing digital economy and rapid digital penetration, cybercriminals are going on phishing trips in Southeast Asia with increasing frequency. A recent report found that the region experienced a 48% increase in phishing URLs in 2023 alone.
In the Philippines, phishing accounts for 50% of digital fraud schemes that targeted local consumers in the last quarter of 2023. In addition to this, over 76 million malicious URLs were accessed in the country last year. These and other cybersecurity threats urged local organizations to revisit their cybersecurity protection systems while the government reinforced stronger cybersecurity programs in the National Cybersecurity Plan 2023-2028.
Beyond the sheer volume of attacks, the sophistication of phishing techniques is also advancing. Historically, cybercriminals employed broad-spectrum phishing, mass sending generic emails or texts to gather sensitive information, and spear phishing which used detailed personal information from social media to craft highly specific messages targeting high-value individuals or organizations.
As such, traditional phishing awareness training focused on spotting suspicious emails and language quirks – and was fairly effective. However, GenAI has transformed the face of phishing by generating realistic, context-aware messages that mimic legitimate communications in language, style, and tone. AI-powered tools can even break language barriers, allowing cybercriminals to target a global audience with accurate translations that incorporate cultural nuances. Consequently, traditional training is no longer sufficient against GenAI’s capabilities.
Countering AI-Assisted Phishing Begins with the Zero Trust Framework
Defending against deception-driven attacks is not solely a technological battle; it is equally a human challenge, necessitating a combination of adjustments across people, processes, and technology to fortify organizations against emerging threats.
It starts with adopting a Zero Trust — or ‘never trust, always verify’ — philosophy and building a security culture. Organizations should always verify identities, and allow only necessary people and machines to access sensitive information or processes for defined purposes at specific times. This limits the attack surface and slows attackers down. AI-driven detection tools, such as writing style analysis and computer vision, can further help protect the enterprise and support employees in identifying malicious content and behavior more efficiently.
Beyond technological defenses, organizations should implement processes such as multi-stakeholder approval for significant transactions and establish a ‘safe list’ of numbers for live voice authorization calls, rather than relying on a phone number embedded within a transfer request email. These measures can prevent attacks, even as cybercriminals increasingly use convincing voice deepfakes. Coded language could even be used for additional authentication.
At the same time, cybersecurity awareness training also needs to evolve accordingly — rather than focusing solely on identifying suspicious or malicious emails, it should educate employees on when and how to execute the above processes to prevent successful phishing attempts. These sessions should include simulations of phishing attacks to provide practical experience in identifying potentially suspicious situations — not just emails — and executing the related verification processes.
Most importantly, cybersecurity training should not be a one-time event but an ongoing process with content that is regularly refreshed and updated with the latest phishing techniques, which are constantly evolving with advancements in AI.
Staying Ahead of Cybercriminals with a Unified Approach
However, as the digital attack surface continues to expand through digital and AI transformation, cyber threats like phishing attacks will continue to become increasingly sophisticated and well-coordinated. This growing complexity is even more concerning due to the persistent talent and resource gap that organizations face in keeping up with the rapidly evolving threat landscape. The skills shortage in the Philippines is particularly severe since there are only around 200 certified cybersecurity experts in the country, making talent crunch a greater challenge.
More than ever, businesses need to adopt a proactive posture toward cybersecurity. This involves moving away from traditional approaches of security — which is to apply uniform security measures across all known systems — and adopting a risk-based approach, which includes continuous asset discovery and assessment to focus on prioritizing and building the appropriate controls for the most critical vulnerabilities.
A unified cybersecurity platform helps empower businesses by providing comprehensive visibility and centralized risk management, enabling quick detection and response to anomalies. This combination allows businesses to identify the most at-risk assets and potential intrusions, preventing and mitigating threats before they cause significant harm.
Ultimately, there isn’t one single way of combating security threats — the most effective approach is one that combines all of the above. By equipping employees with better, smarter tools and a comprehensive understanding of security practices, businesses can more effectively combat cyber threats and protect their digital assets and brands.
