Monday, May 29, 2023
manilastandard.net
ADVERTISEMENT
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
  • Others
    • Pets
    • Pop.Life
      • Newsmakers
      • Hangouts
      • A-Pop
      • Post Its
      • Performances
      • Malls & Bazaars
      • Hobbies & Collections
    • Technology
      • Gadgets
      • Computers
      • Business
      • Tech Plus
    • MS ON THE ROAD
      • Sedan
      • SUV
      • Truck
      • Bike
      • Accessories
      • Motoring Plus
      • Commuter’s Corner
    • Home & Design
      • Residential
      • Commercial
      • Construction
      • Interior
    • Spotlight
    • Gallery
      • Photos
      • Videos
    • Events
      • Seminars
      • Exhibits
      • Community
    • Biyahero
      • Travel Features
      • Travel Reels
      • Travel Logs
  • Advertise with Us
No Result
View All Result
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
  • Others
    • Pets
    • Pop.Life
      • Newsmakers
      • Hangouts
      • A-Pop
      • Post Its
      • Performances
      • Malls & Bazaars
      • Hobbies & Collections
    • Technology
      • Gadgets
      • Computers
      • Business
      • Tech Plus
    • MS ON THE ROAD
      • Sedan
      • SUV
      • Truck
      • Bike
      • Accessories
      • Motoring Plus
      • Commuter’s Corner
    • Home & Design
      • Residential
      • Commercial
      • Construction
      • Interior
    • Spotlight
    • Gallery
      • Photos
      • Videos
    • Events
      • Seminars
      • Exhibits
      • Community
    • Biyahero
      • Travel Features
      • Travel Reels
      • Travel Logs
  • Advertise with Us
No Result
View All Result
manilastandard.net
No Result
View All Result
Home Technology Tech Plus

Phishing and Enterprises: Kaspersky blocks 11M malicious mails in SEA in ’21

MST TechbyMST Tech
June 6, 2022, 2:52 pm
in Tech Plus, Technology
Reading Time: 6 mins read
A A
Share on FacebookShare on TwitterShare on Email

Cybercriminals are constantly coming up with new methods to deliver their spam and phishing messages to both individuals and businesses. Armed with the knowledge of the latest trends, they take advantage of the seismic shift in digital habits during the pandemic to launch social engineering attacks such as phishing emails. 

Kaspersky’s data showed that by including hot topics and phrases related to their online activities like shopping and streaming entertainment or the COVID-19 pandemic in their messages, the chances of an unsuspected user clicking infected links or malicious attachments increase tremendously.

In 2021, Kaspersky’s Anti-Phishing system blocked a total of 11,260,643 phishing links in SEA. Most of it were blocked on devices of Kaspersky users in Vietnam, Indonesia, and Malaysia.

“Email remains to be our main mode of communication for work here in Southeast Asia and 11 million phishing attempts in one year is just the tip of the iceberg. With all the critical data being sent via email, it is expected for cybercriminals to see it as an effective and lucrative entry point. An unfortunate example is the $81M Bangladesh Bank Heist in 2016 which was made possible by a single, successful targeted phishing attack. Enterprises in the region should carefully look into holistic and in-depth cybersecurity technologies to beef up the security of their highly critical mail servers,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

Globally, 253,365,212 phishing links were detected and foiled by Kaspersky solutions last year. In total, 8.20% of Kaspersky users in different countries and regions around the world have faced at least one phishing attack.

Remote work and business email compromise (BEC)

The remote work triggered more attempts to phish corporate details for the past two years. Among the rising trends is business e-mail compromise (BEC). 

BEC attacks are a type of fraud that involves impersonating a representative from a trusted business. A BEC attack is defined as a targeted cybercriminal campaign that works by:

  • Initiating an e-mail exchange with a company employee, or taking over an existing one;
  • Gaining the employee’s trust;
  • Encouraging actions that are detrimental to the interests of the company or its clients.

According to Verizon, it was the second most common type of social engineering attack in 2021, and the FBI reported that BEC attacks cost U.S. businesses more than $2 billion from 2014 to 2019.

Kaspersky experts are increasingly observing BEC attacks. In Q4 2021, Kaspersky products prevented over 8000 BEC attacks, with the greatest number (5,037) occurring in October. 

Throughout 2021, the company’s researchers closely analyzed the way fraudsters craft and spread fake emails. As a result, they found out that the attacks tend to fall into two categories: large-scale and highly targeted.  

The former is called “BEC-as-a-Service”, whereby attacks simplify the mechanics behind the attack in order to reach as many victims as possible. Attackers sent streamlined messages en masse from free mail accounts, with the hope of snaring as many victims as possible. Such messages often lack high levels of sophistication, but they are efficient.  

An example of mass-scale CEO scam

The above message is an example of a mass-scale CEO scam scheme. 

In this scenario, an employee receives a fake email from a more senior colleague. The message is always vague telling that one has a request to handle. A victim may be asked to urgently pay off some contract, settle some financial conflict, or share sensitive information with a third party. Any employee may potentially become a victim. Of course, there are several noticeable red flags in such a message. There is no corporate account used, and the sender clearly is not a native speaker.

At the same time that some criminals are relying on simplified mass mail outs, others are turning towards more advanced, targeted BEC attacks. The process works as follows: attackers first attack an intermediary mailbox, gaining access to that account’s email. Then, once they find a suitable correspondence in the compromised mailbox of the intermediary company (say, financial matters or technical issues related to work), they continue the correspondence with the targeted company, impersonating the intermediary company. Often the goal is to persuade the victim to transfer money or install malware.

An example of targeted BEC attack

Since the target is, in fact, engaging in the conversation referenced by the attackers, they are far more likely to fall victim to the scam. Such attacks have proven to be highly effective, and that’s why they’re not only used by small-time criminals looking to make a quick profit. 

“Right now, we observe that BEC attacks have become one of the most widespread social engineering techniques. The reason for that is pretty simple – scammers use such schemes because they work. While fewer people tend to fall for simple mass-scale fake emails now, fraudsters started to carefully harvest data about their victims and then use it to build trust. Some of these attacks are possible because cybercriminals can easily find names and job positions of employees as well as lists of contacts in open access. That is why we encourage users to be careful at work,” comments Roman Dedenok, security expert at Kaspersky.

How can enterprises handle BEC attacks

Cybercriminals use a fairly wide range of technical tricks and social-engineering methods to win trust and carry out fraud. However, taking a range of effective measures can minimize the threat from BEC attacks:

  • Set up SPF, use DKIM signatures, and implement a DMARC policy to guard against fake internal correspondence. In theory, these measures also permit other companies to authenticate emails sent in the name of your organization (assuming, of course, that the companies have those technologies configured). This method falls short in some ways (such as not being able to prevent ghost spoofing or lookalike domains), but the more companies that use SPF, DKIM, and DMARC, the less wiggle room cybercriminals have. Use of these technologies contributes to a kind of collective immunity against many types of malicious operations with e-mail headers.
  • Train employees periodically to counter social engineering. A combination of workshops and simulations trains employees to be vigilant and identify BEC attacks that get through other layers of defense.
  • Use security tools to protect corporate communication channels such as Kaspersky Secure Mail Gateway with a solid set of anti-phishing, anti-spam, malware detection technologies. While BEC represents one of the most sophisticated types of email compromise, the product has a dedicated heuristic model for processing indirect indicators and detecting even the most convincing fake emails. 
  • Subscribe to an in-depth and regularly updated threat intelligence services to have in-depth visibility into cyberthreats targeting your organization.

Kaspersky solutions with content filtering specially created in the company’s lab already identify many types of BEC attacks, and its experts continually develop technologies to protect further against the most advanced and sophisticated scams.

ADVERTISEMENT
MST Tech

MST Tech

Related Posts

Igloo protects Southeast Asia’s multi-billion dollar coffee industry with innovative weather insurance for farmers

byMST Tech
May 27, 2023, 10:26 am
0
8
Igloo protects Southeast Asia’s multi-billion dollar coffee industry with innovative weather insurance for farmers

Regional insurtech Igloo expands its blockchain-based parametric index insurance to coffee farmers in Southeast Asia, showing commitment to covering more...

Read more

Kaspersky introduces new specializations with additional benefits to enhance partner program around cybersecurity for enterprises, MSPs 

byMST Tech
May 27, 2023, 10:24 am
0
8
Kaspersky introduces new specializations with additional benefits to enhance partner program around cybersecurity for enterprises, MSPs 

Kaspersky United partner program now includes new Enterprise specializations for its Gold and Platinum partners. Rebates for resellers and distributors...

Read more

Leading open finance platform Etiqa PH makes insurance more affordable with ‘insure now, pay later’

byMST Tech
May 27, 2023, 10:17 am
0
8
Leading open finance platform Etiqa PH makes insurance more affordable with ‘insure now, pay later’

Periods of high inflation challenge the financial security of people and businesses. Regionally, inflation in Southeast Asia has seen a...

Read more

HONOR sets foot in Caloocan, opens 5th experience store in SM City Grand Central

byMST Tech
May 27, 2023, 10:07 am
0
8
HONOR sets foot in Caloocan, opens 5th experience store in SM City Grand Central

HONOR Philippines Country Manager Sean Yuan, Vice President Stephen Cheng, Brand Manager Joepy Libo-on, and PR Manager Pao Oga with...

Read more

Ultra-fast gaming experience with Infinix NOTE 30 5G

byJasper Valdez
May 26, 2023, 9:30 pm
0
8

Targeting today’s youth with first in class technology, Infinix creates trendy, powerful and attainably priced smart devices. Mobile gamers, it’s...

Read more

Puregold’s Tindahan ni Aling Puring brings brands to masses

byMST Tech
May 26, 2023, 9:25 pm
0
8
ZTE strengthens commitment to sustainability, joins Science-Based Targets Initiative

With over 1.1 million sari-sari stores in the Philippines, big brands have a world of potential once they tap the...

Read more

Print Edition

View More

Recent Posts

  • Erdogan: Turkey’s undisputed titan enters third decade of rule
  • Empowering Employees and Clients with Tech, and Learning Culture to Drive Growth in a Volatile Biz Landscape
  • Gunfire adds to violations near end of breached Sudan truce
  • Stakeholders press for urgency of EV industry incentives as local assembly of e-motorcycles starts June 2023
  • Two Virunga park guards killed in DR Congo
  • Zelensky thanks air defence after ‘most powerful’ attack on Kyiv
  • Somalia to introduce direct universal suffrage in 2024
  • FIRST METRO PHILIPPINE EQUITY EXCHANGE TRADED FUND, INC.: Notice of Annual Shareholders’ Meeting

Advertisement

Latest News

Zelensky thanks air defence after ‘most powerful’ attack on Kyiv

byAFP
May 29, 2023, 9:00 am
0
8
Ukraine’s Zelensky visits southern front as battles rage

Kyiv, Ukraine - Ukrainian President Volodymyr Zelensky on Sunday praised his country's air defence forces, after the capital Kyiv saw the...

Read more

Somalia to introduce direct universal suffrage in 2024

byAFP
May 29, 2023, 8:00 am
0
8
Southwoods nails Seniors’ Fil golf crown

Mogadishu, Somalia - Somalia's government and federal member states said Sunday that direct universal suffrage would be introduced with local elections...

Read more

FIRST METRO PHILIPPINE EQUITY EXCHANGE TRADED FUND, INC.: Notice of Annual Shareholders’ Meeting

byManila Standard
May 29, 2023, 6:40 am
0
8
FIRST METRO PHILIPPINE EQUITY EXCHANGE TRADED FUND, INC.: Notice of Annual Shareholders’ Meeting

Read more

FIRST METRO SAVE AND LEARN DOLLAR BOND FUND, INC.: Notice of Annual Shareholders’ Meeting

byManila Standard
May 29, 2023, 6:35 am
0
8
FIRST METRO SAVE AND LEARN DOLLAR BOND FUND, INC.: Notice of Annual Shareholders’ Meeting

Read more

FIRST METRO SAVE AND LEARN F.O.C.C.U.S. DYNAMIC FUND, INC.: Notice of Annual Shareholders’ Meeting

byManila Standard
May 29, 2023, 6:30 am
0
8
FIRST METRO SAVE AND LEARN F.O.C.C.U.S. DYNAMIC FUND, INC.: Notice of Annual Shareholders’ Meeting

Read more

Advertisement

ADVERTISEMENT
Facebook Twitter Instagram Youtube

ABOUT US

Manila Standard

Manila Standard website (manilastandard.net), launched in August 2002, extends the newspaper’s reach beyond its traditional readers and makes its brand of Philippine news and opinion available to a much wider and geographically diverse readership here and overseas.

Digital Edition

In tone and content, the online edition mirrors the editorial thrust of the newspaper. While hewing to the traditional precepts of fairness and objectivity, MS believes the news of the day need not be staid, overly long or dry. Stories are succinct, readable and written in a lively style that has become a hallmark of the newspaper.

Download – Today’s Paper

Search

No Result
View All Result

6th Floor Universal Re Bldg., 106 Paseo De Roxas cor. Perea Street, Legaspi Village, 1226 Makati City Philippines

Trunklines: 832-5554, 832-5556, 832-5558

© 2021 Manila Standard - Designed and Developed by Neitiviti Studios.

No Result
View All Result
  • About
  • News
    • Top Stories
    • National
    • World News
    • Pinoy Abroad
    • Features
  • Opinion
    • Editorial
    • Columns
    • Soundbytes
  • LGUs
    • NCR
    • Luzon
    • Visayas
    • Mindanao
  • Business
    • Corporate
    • Economy & Trade
    • Stocks
    • Money
    • Agri & Mining
    • Power & Tech
    • IT & Telecom
  • Sports
    • Basketball
    • Volleyball
    • Fightsports
    • Active
    • Sports Plus
    • One Championship
    • Columns
  • Entertainment
    • TV & Movies
    • Celebrity Profiles
    • Music & Concerts
    • Digital Media
    • Columns
  • Lifestyle
    • Food
    • Culture & Media
    • Fashion
    • Health and Home
    • Leisure
    • Shopping
    • Columns
  • Pop.Life
    • Newsmakers
    • Hangouts
    • A-Pop
    • Post Its
    • Performances
    • Malls & Bazaars
    • Hobbies & Collections
  • Technology
    • Gadgets
    • Computers
    • Business
    • Tech Plus
  • MS ON THE ROAD
    • Sedan
    • SUV
    • Truck
    • Bike
    • Accessories
    • Motoring Plus
    • Commuter’s Corner
  • Home & Design
    • Residential
    • Commercial
    • Construction
    • Interior
  • Spotlight
  • Gallery
    • Photos
    • Videos
  • Events
    • Seminars
    • Exhibits
    • Community
  • Biyahero
    • Travel Features
    • Travel Reels
    • Travel Logs
  • Pets
  • Advertise with Us

© 2021 Manila Standard - Designed and Developed by Neitiviti Studios.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Install Manila Standard Web App

Install App