In 2022 Kaspersky saw an increase of 18 million malicious email attachments from the previous year, with the most triggers in March, May and June. Malaysia was at 2.62% in 2021 and the number went up to almost reaching 3% in 2022.
The malicious mailings that Malaysian users received were disguised as business correspondence. To get the recipient to open the attachment, cybercriminals will try to convince them that the content is business related information, like commercial offers or invoice or bank transfer slip. In most cases, when a malicious document is opened, the trojan is loaded.
Sometimes it is difficult to recognize what is genuine and what is a phishing attempt.
Based on the data gathered by Kaspersky, majority of phishing pages were hosted in the .com domain zone, and generally associated with entertainment content, which is perhaps what attracted victims to it.
According to Chris Connell, Managing Director for Asia Pacific at Kaspersky, scams promising compensation and payouts from government agencies, large corporations, and banks are likely to remain popular among cybercriminals in 2023.
“Data from our Kaspersky Secure Network (KSN) also tells us that the web threats in Malaysia in the past five years are actually on the downward trend. But that does not mean, we should put our guard down. Cybercriminals are becoming more creative to lure victims hence protection on our devices is essential,” says Connell.
KSN reported that Malaysia experienced highest web threats in 2021, at 61.3 million, and then came down to 37.1 million last year.
“The Communications and Digital Ministry has called for the need for state governments and government agencies on cybersecurity. It’s a good step towards a safer Malaysia. For our part, we have always been ready to collaborate and work on knowledge sharing with the public and private sectors in Malaysia to secure more Malaysians and the companies here.”
To stay protected against malicious mailings, Kaspersky recommends users the following:
Do not download and install applications from untrusted sources
Do not click on any links from unknown sources or suspicious online advertisements
Create strong and unique passwords, including a mix of lower-case and upper-case letters, numbers, and punctuation, as well as activating two-factor authentication
Always install updates. Some of them may contain critical security issue fixes
Ignore messages asking to disable security systems for office or cybersecurity software
Use a robust security solution appropriate to your system type and devices, such as Kaspersky Internet Security or Kaspersky Security Cloud. It will tell you which sites shouldn’t be open and protect you from malware