You are here
Singapore a hotspot for business email scams, malicious Web addresses, says Trend Micro
SINGAPORE is the most vulnerable country in South-east Asia for business email compromise scams and a hotspot for hosting malicious Web addresses, according to cybersecurity solutions provider Trend Micro.
About 27.3 per cent of business email compromise (BEC) incidents that Trend Micro detected in South-east Asia took place in Singapore. That was followed by Malaysia, with 26.1 per cent; and Indonesia, with 25 per cent.
In a typical BEC attack, attackers initiate or intercept communication with a decision maker of a company with the ability to release funds or conduct wire transfers as payment for services or as part of normal operations. In most cases, that would be the chief executive or an executive with similar powers, the report explained. Because BEC attacks usually rely on social engineering tactics, the fraudulent emails typically contain no malware and go undetected by traditional security measures, Trend Micro said.
Singapore also emerged as a “hotbed” for hosting malicious URLs among South-east Asian countries, accounting for 68.1 per cent of such attacks. But as a target, Singapore only accounted for 19.8 per cent of malware attacks detected, which was second in the region. Malaysia represented 29.3 per cent of malware attacks in South-east Asia, the most in the region.
Singapore also ranked third in South-east Asia for experiencing the most email threats including spam, accounting for 10.9 per cent of the incidents detected. Vietnam was first in the region, with 46.2 per cent, followed by Indonesia, with 21.3 per cent.
Nilesh Jain, vice-president of South-east Asia and India at Trend Micro, said that attackers have become more targeted in their campaigns, eschewing the "spray and pray" style.
“Enterprises need to strengthen their cyber defences at every touch point, namely, on the endpoint, in the cloud, and at the network layer,” he said.
According to TrendMicro, the number of BEC attacks in 2018 increased by 28 per cent globally. More sophisticated and less frequent than phishing attacks, these attacks yield approximately S$177,000 per attack on average.
South-east Asia countries examined include Singapore, Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, the Philippines, Thailand, Timor Leste and Vietnam.