Thailand leads in phishing on online stores
From February to April 2022, Thailand ranked third in Asean in terms of the proportion of finance-related phishing attempts.
More than 55% of phishing attempts in Thailand are finance-related, while the proportion of such attacks using fake online stores in the country exceeds Southeast Asia, according to Russian-based cybersecurity firm Kaspersky .
“Phishing attempts are most popular among scammers as they use social engineering to lure users in,” said Benjamas Chuthapiphat, Thailand territory manager at Kaspersky.
From February to April, Thailand ranked third in ASEAN in the proportion of finance-related phishing attempts at 55.6%, behind the Philippines at 69% and Singapore at 55.7%.
Thailand was followed by Malaysia with 50.6%, Indonesia with 42.8% and Vietnam with 36.1%.
Overall, the proportion of phishing related to finance was 48.2% for the period.
From February to April, Thailand recorded 5.25% of phishing attempts related to banks and 22.2% relating to payment systems, according to a study by Kaspersky.
Phishing includes using fake banking apps or fake online payment platforms to extract user data.
Attacks using fake online stores recorded the highest proportion at 28.2%, also the highest in ASEAN.
Phishing via online stores is the use of fake online shopping websites or apps to send malicious links to users through text messages to trick consumers into providing their personal information, Ms Benjamas said. Thailand has a high number of online shoppers.
Across Asean, payment system-related phishing attempts were the top attacks with malicious emails targeting payment systems at 32.1%, followed by the use of fake online stores at 10.8% and banks at 5.03%.
According to Kaspersky, payment systems, the use of fake online stores and fake banks are all major targets for phishers. This indicates that they are more interested in personal data that gives access to money.
Puttipong Ponglaksamana, head of Thailand pre-sales at Kaspersky, said the company has also noted the tendency of hackers to target super apps through their infrastructure or users.
Super apps are the traditional way for banks and service providers to stand out in a crowded industry.
As they work with third parties and integrate their services into a single mobile application, the attack surface expands, opening up more opportunities to exploit.
Citing Kaspersky’s 2019 Computer Security Economics Report, Puttipong said the financial impact of an average data breach reached US$1.41 million in 2019, up 15 percent. compared to the previous year, while organizations reported the increasing complexity of attack scenarios.
Mr. Puttipong said that using Kaspersky’s managed detection and response solution can help organizations overcome budget constraints on cybersecurity protection amid cybersecurity personnel shortages, while the system can catch up with new phishing tactics and ransomware.