Alarming rise in financial fraud in Southeast Asian countries

Accordingly, Thailand is the leading country in Southeast Asia with the highest number of financial fraud cases, up to 141,258 cases. This is followed by Indonesia with 48,439 cases and Vietnam is third with 40,102 cases. Malaysia is fourth with 38,056 cases. The remaining countries in the region, Singapore and the Philippines, recorded fewer financial fraud attacks, with 28,591 and 26,080 cases, respectively.

However, Thailand and Singapore are the two countries with the highest growth in financial fraud cases. Specifically, the number of attacks in Thailand increased by 582%, while Singapore recorded a growth of 406% compared to the same period in 2023.

According to Kaspersky, these attacks often impersonate well-known brands in the fields of e-commerce, banking and online payment services. Their main purpose is to steal login credentials such as usernames, passwords and other sensitive data, including credit card information, bank account numbers, or important personal details.

Attackers often use sophisticated methods such as sending phishing emails, setting up fake websites that look exactly like the official websites of brands, or using text messages to lure victims into providing information.

Financial fraud is booming in these countries as cybercriminals continue to innovate and refine their tactics, making attacks increasingly sophisticated and difficult to detect.

Statistics show that the number of attacks has increased by 41% compared to the same period last year, partly due to the explosion in digital transformation and modern technology applications. In particular, bad actors have taken advantage of artificial intelligence and automation to create increasingly convincing phishing content, tailored to target and exploit victims' vulnerabilities more effectively.

“Over the past few years, the number of potential victims has increased significantly due to the growing popularity of online banking and digital finance services,” said Adrian Hia, General Manager for Kaspersky Asia Pacific.

“Kaspersky experts point out that the main reason for this increase is not due to lack of vigilance on the part of users, but rather that cybercriminals are becoming more daring and aggressive in their pursuit of user data and money. This includes sensitive data from devices belonging to businesses,” added Adrian Hia.

Commenting on the financial fraud trends in the coming time, Adrian Hia said: “Financial fraud will continue to grow in this region and sectors such as banking, insurance and e-commerce will remain the main targets. In addition to traditional phishing emails, cybercriminals will also continue to exploit social media and messaging platforms to spread fake links, websites and applications.”

With the growing popularity of deepfake technology, we will see the emergence of more sophisticated fake videos and voice messages, making detection extremely difficult.

Given this reality, businesses need to make cybersecurity a top priority. This includes deploying advanced security solutions, following best practices, and continuously raising awareness among their workforce.

Training employees on how to identify threats and protect themselves and their organization is key to combating the growing risks in cyberspace.

To help businesses protect their systems against a range of cyber threats, including increasingly sophisticated phishing scams, Kaspersky experts offer the following recommendations:

1. Always keep software up to date on all devices to prevent attackers from exploiting vulnerabilities and breaking into your organization's network.

2. Quickly install the latest patches for commercial virtual private network (VPN) solutions, especially those that serve as network gateways and provide remote access to employees. This helps reduce the risk of attacks through security vulnerabilities.

3. Back up your data regularly and ensure quick access when needed or in an emergency.

4. Absolutely avoid downloading and installing pirated software or software from unknown, unverified sources. These sources can be potentially high-risk, easily exploited to spread malware and compromise your system security.

5. Minimize the exposure of remote desktop or management services on public networks unless absolutely necessary. When using them, be sure to apply strict security measures such as setting strong passwords, enabling two-factor authentication (2FA), and configuring strict firewall rules to protect the system.

6. Monitor access and activity by monitoring the entire network for any unusual activity and controlling user access as necessary to minimize the risk of unauthorized access and data leakage.