Can You Guess Common Phishing Themes in Southeast Asia?

Phishing Attacks are ProfitableResearchers at Cyfirma outline trends in phishing campaigns around the world, finding that Singapore is disproportionately targeted by phishing attacks.

Singapore’s position at 5th place

“Between 1st January and 1st August, CYFIRMA’s telemetry recorded 410,793 phishing campaigns,” the researchers write. “While it’s no surprise that the United States tops the list as both the primary source and target of these phishing campaigns, Singapore’s position at 5th place among over 100 countries may come as a surprise. These are data based on ASN origin telemetry, which highlights

Singapore’s role as an appealing hosting location for malicious Virtual Private Servers (VPS) and exit Virtual Private Networks (VPNs). This appeal is rooted in Singapore’s outstanding high-speed, high-quality internet connectivity and its favourable business-friendly legislative environment. Unfortunately, these attributes also make it an enticing destination for cybercriminals.”

Other countries in Southeast Asia are also popular phishing targets, including Vietnam, Indonesia, and Malaysia.

“Zooming out to the broader Southeast Asian region, we observe similar trends,” Cyfirma says. “Vietnam secures the 10th position, Indonesia ranks 12th, and Malaysia claims the 19th spot. These rankings shed light on the region’s shifting landscape, where cybercrime steadily supersedes traditional street-level criminal activities. Consequently, various phishing schemes and scams are on the rise. Finally, Thailand finds itself in the 50th position on this list.”

Notably, phishing themes in Singapore are different from those that target other countries in the region.

“Interestingly Singapore presents a significantly different distribution of phishing themes,” the researchers write. “Among these, Logistics and Courier scams stand out as particularly prevalent in this region. Furthermore, Singapore exhibits a notable resistance to banking-related scams. This resistance can be attributed to a collaborative effort between the government and financial institutions, which has led to heightened awareness among Singaporeans regarding various banking scams. Data indicates this effort worked and resulted in [a] comparatively very low share of finance themed phishing campaigns.”

New-school security awareness training can teach your employees how to thwart phishing and other social engineering attacks.

Cyfirma has the story.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews