Researchers at Cyfirma outline trends in phishing campaigns around the world, finding that Singapore is disproportionately targeted by phishing attacks.
Singapore’s position at 5th place
“Between 1st January and 1st August, CYFIRMA’s telemetry recorded 410,793 phishing campaigns,” the researchers write. “While it’s no surprise that the United States tops the list as both the primary source and target of these phishing campaigns, Singapore’s position at 5th place among over 100 countries may come as a surprise. These are data based on ASN origin telemetry, which highlights
Singapore’s role as an appealing hosting location for malicious Virtual Private Servers (VPS) and exit Virtual Private Networks (VPNs). This appeal is rooted in Singapore’s outstanding high-speed, high-quality internet connectivity and its favourable business-friendly legislative environment. Unfortunately, these attributes also make it an enticing destination for cybercriminals.”
Other countries in Southeast Asia are also popular phishing targets, including Vietnam, Indonesia, and Malaysia.
“Zooming out to the broader Southeast Asian region, we observe similar trends,” Cyfirma says. “Vietnam secures the 10th position, Indonesia ranks 12th, and Malaysia claims the 19th spot. These rankings shed light on the region’s shifting landscape, where cybercrime steadily supersedes traditional street-level criminal activities. Consequently, various phishing schemes and scams are on the rise. Finally, Thailand finds itself in the 50th position on this list.”
Notably, phishing themes in Singapore are different from those that target other countries in the region.
“Interestingly Singapore presents a significantly different distribution of phishing themes,” the researchers write. “Among these, Logistics and Courier scams stand out as particularly prevalent in this region. Furthermore, Singapore exhibits a notable resistance to banking-related scams. This resistance can be attributed to a collaborative effort between the government and financial institutions, which has led to heightened awareness among Singaporeans regarding various banking scams. Data indicates this effort worked and resulted in [a] comparatively very low share of finance themed phishing campaigns.”
New-school security awareness training can teach your employees how to thwart phishing and other social engineering attacks.
Cyfirma has the story.
