Photo : Collected
Kaspersky anti-phishing technologies detected more than 7,000 attempts to follow a phishing link on businesses’ devices in Bangladesh in 2023. From January to December, Kaspersky solutions detected and blocked a total of 7,262 financial phishing attempts targeting companies of various sizes in the country.
The statistics reflect clicks on phishing links placed in various communication channels, including emails, fraudulent web sites, messengers, social media, etc. Interestingly, this number only refers to phishing links related to finance matters – e-commerce, banking, and payment systems.
“Phishing is a trusted technique for cybercriminals when it comes to infiltrating business networks because they usually work. The rise of generative AI helps cybercriminals to make phishing messages or scam resources more convincing. As a result, it becomes challenging for people to distinguish between a scam and a legitimate communication. That's why the role of robust security solutions increases,” comments Yeo Siang Tiong, General Manager for Southeast Asia, Bangladesh and Sri Lanka at Kaspersky.
“Cybercriminals employ various tactics, including financial-related phishing, to deceive employees and trick them into falling victim to an attack Our recent study showed employee security violations can be as damaging as external hacking for companies in Asia Pacific which means the human factor continues to play a role in making businesses vulnerable. Tools to help safeguard against human error are a vital step forward, but they can’t exclude employee education, skills development, and overall strengthening of the company’s ability to detect and respond to cyberattacks,” adds Yeo.
Phishing persuades users to take action which gives a scammer access to user’s device, accounts, or personal information. By pretending to be a person or organization the users trust, they can more easily infect the victim with malware or steal their information.
These social engineering schemes “bait” with trust to get valuable information. This could be anything from a social media login, to a user’s entire identity via their social security number. These schemes may urge the user to open an attachment, follow a link, fill out a form, or reply with personal information.
“Financial phishing” is a type of phishing which refers to fraudulent resources related to banking, payment systems and digital shops. Payment system phishing includes pages impersonating well-known payment brands.
To help companies protect their systems against the damages of a successful phishing attack, Kaspersky experts recommend to advance decision-makers’ understanding of the importance of cybersecurity and how best to distribute budgets to stay ahead of threats, engage them with Kaspersky Interactive Protection Simulation for enhanced C-level professional education.
Kaspersky also recommends considering experts’ help. For example, Kaspersky Assessments family of professional services identifies security gaps in users’ system configurations, and the Security Architecture Design helps create an IT security infrastructure that’s a perfect fit for a particular company. Every step of implementation is grounded in real security needs, giving decision-makers convincing arguments to allocate budgets.
They also recommend of installing and using enterprise security solutions with anti-phishing software: The Advanced Anomaly Control feature within Kaspersky Endpoint Security for Business Advanced, Kaspersky Total Security for Business and Kaspersky Endpoint Detection and Response Optimum help prevent potentially dangerous activities that are ‘out of the norm’, both undertaken by the user and initiated by the attacker who has already seized control of the system.
Messenger/Fameema
