Singapore is the Southeast Asian country most at risk of business email compromise attacks and hosts the highest number of malicious websites, a study by cybersecurity firm Trend Micro has revealed.
Around 27% of business email compromise (BEC) incidents detected in Southeast Asia occurred in Singapore, a Business Times report said, quoting data from Trend Micro. Following Singapore are Malaysia, with 26.1%, and Indonesia, with 25%.
BEC attacks usually consist of attackers initiating or intercepting communication with an executive or an employee that is authorised to release or transfer money to pay for services or other aspects of normal operations. As BEC scams rely on social engineering tactics and the emails do not contain malware, traditional cybersecurity measures may fail to catch them, Trend Micro said, adding that the global number of BEC attacks rose by 28% globally in 2018. These attacks are less common but more elaborate than traditional ‘phishing’ scams and cost targets an average of SG$177,000 per attack.
Meanwhile, Singapore is also a “hotbed” for hosting malicious URLs among Southeast Asian countries, with 68.1% of attacks originating there. However, Singapore only accounted for 19.8% of malware attack targets, or second in the region. Neighbouring Malaysia was the leader with 29.3% of malware attacks.
According to Nilesh Jain, vice-president of Southeast Asia and India at Trend Micro, cyber attackers have become more deliberate in their operations, targeting specific individuals or organisations rather than the general public.
“Enterprises need to strengthen their cyber defences at every touch point, namely, on the endpoint, in the cloud, and at the network layer,” he said.