March 20, 2023 9:54 p.m.

Phishing is one of the most prevalent forms of cybercrime due to the minimal effort required and the fact that it really works. 

It’s usually built around an inherently simple scheme: using carefully crafted emails or notifications that mimic messages from banks, government organizations, entertainment platforms—really any service—cybercriminals can trick users into following a link to a fraudulent website and giving up their payment or personal details or even downloading malicious programs.

Kaspersky in 2022 has blocked a total of 822,536 financial phishing targeted at companies in Southeast Asia (SEA). From SMBs to large enterprises, financial phishers kept trying to infect businesses in the

region last year.

In this case, “financial phishing” refers not only to banking specific phishing but also payment systems and e-shops. Payment system phishing includes pages impersonating well-known payment brands, such as PayPal, MasterCard, American Express, Visa and others. E-shops refer to online stores and auction sites like Amazon, the Apple Store, Steam, eBay etc.

Indonesia chalked up the highest number of financial phishing incidents (208,238). Vietnam comes second  with 172,694, and Malaysia recorded 120,656. Thailand logged 101,461 phishing attempts related to finances, followed by the Philippines with 52,914, and Singapore with 22,109.

“It’s interesting to see companies being targeted by financial phishing but we have to remember here that businesses, at their core, are still made up of humans. Phishing is a type of social engineering attack. Social engineering attack is dubbed as hacking of the human mind. With nine out of ten employees needing basic cybersecurity skills training, cybercriminals know that the workforce remains a loophole they can exploit easily to launch a cyberattack against a company,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

As reported, phishing email is usually the first chapter of 91% of all cyberattacks. A phishing simulation done by Kaspersky reinforced how cybercriminals trick employees into clicking malicious mails. 

It showed that workers tend not to notice pitfalls hidden in emails devoted to corporate issues and online delivery problem notifications and almost one in five (16% to 18%) clicked the link in the email templates imitating these phishing attacks.

Among the other phishing emails that gained a significant number of clicks are; reservation confirmations from a booking service (11%), a notification about an order placement (11%), and an IKEA contest announcement (10%).

To prevent complex attacks, and any related financial and reputational losses caused by phishing attacks, Kaspersky recommends the following for businesses:

• Remind your employees about the basic signs of phishing emails. A dramatic subject line, mistakes and typos, inconsistent sender addresses and suspicious links;
• If there is any doubt about the received email, check the format of attachments before opening them and the link accuracy before clicking. This can be achieved by hovering over these elements – making sure the address looks authentic and the attached files are not in an executable format;
• Always report phishing attacks. If you spot a phishing attack, report it to your IT security department and, if possible, avoid opening the malicious email. This will allow your cybersecurity team to reconfigure anti-spam policies and prevent an incident;
• Supply your employees with basic cybersecurity knowledge. Education should be aimed at changing the behavior of learners and teaching them how to deal with threats. As a major cybersecurity vendor, Kaspersky possesses a relevant base of information on real attacks and continuously supplements its Security Awareness Trainings in accordance with the current threat landscape;
• Since phishing attempts can be confusing, and there’s no guarantee of avoiding all accident clicks, protect your working devices and your enterprise perimeters with a holistic expert security like Kaspersky Extended Detection and Response (XDR) platform. It provides anti-spam capabilities, tracks suspicious behavior, and creates a backup copy of your files in case of ransomware attacks. Anti-phishing protection is also included, as well as threat hunting.

Enterprises can find out more about this new platform at go.kaspersky.com/expert .

Kaspersky in Southeast Asia also has launched a Buy 1 Free 1 promo. Businesses can now enjoy two years of enterprise-grade endpoint protection for the price of 1 with Kaspersky Endpoint Security for Business or Cloud or Kaspersky Endpoint Detection and Response Optimum, with 24×7 phone support. Interested customers can reach out to sea.sales@kaspersky.com.  

March 17, 2023 9:00 p.m.

STUDENTS won’t have to worry paying their loans during times of calamities and emergencies, as Quezon City first district Congressman Juan Carlos “Arjo” Atayde has introduced a moratorium on the payment of student loans administered by higher educational institutions (HEIs).

The House Bill 7279, which Atayde filed last Feb. 21, headed into its first reading six days later in the Committee on Higher and Technical Education, chaired by Baguio City Rep. Mark O. Go.

He said the bill — once it turns to a law — will halt the payment of all the fees, charges, and costs relating to student loans and technical-vocational training institutions (TVIs) or by the Unified Student Financial Assistance System for Tertiary Education (UNIFAST) during emergencies.

It will cover all students residing in areas declared to be under a state of calamity or emergency — those who are enrolled in state universities and colleges (SUCs), local universities and colleges (LUCs), private HEIs, and public and private TVIs.

“We have to find a way to help our students and their families, when natural or even these man-made calamities hit them hard. We just have to make everything easy for them including a moratorium on the payment of student loans,” Atayde said. “It is a burden on a student and their family especially in difficult times like aftermath of typhoon, fire and earthquakes, among other disasters.”

“In the order of spending, student loans will be their least priority since spending will go mostly to basic necessities for survival,” Atayde added.

The moratorium shall be effective for the duration of the state of calamity or emergency and for 30 days after its lifting. No penalties shall be collected on the deferred payments.

“To provide adequate relief and protection to our students in times of calamities and emergencies, this measure shall allow the deferral of student loan collections for a reasonable period during and after the onset of disasters.”

The Quezon City lawmaker cited also the availability of the moratorium, which shall not adversely affect the status of the students concerned with regard to their eligibility for re-enrollment on the succeeding semesters or terms, or their eligibility for graduation.

“The proposed legislation doesn’t prevent public and private HEIs from implementing more favorable forms of payment relief or assistance to students affected by disasters, prohibiting students from voluntarily waiving the moratorium on student loan payments, or availing subsidies and assistance from the government,” Atayde concluded.

March 16, 2023 1:59 p.m.

Beginning today, ShopeePay, Shopee’s integrated mobile wallet, is now available as a payment method for Apple services in the Philippines. Customers can use their ShopeePay account to pay for App Store, Apple Music, Apple TV app, and iTunes Store purchases, iCloud storage and more.

The addition of ShopeePay as an Apple ID payment method offers a new way to pay for Apple services without needing a credit card and still allows for easy, secure one-tap purchasing from Apple products including iPhone, iPad and Mac. 

Customers can manage their Apple ID payment information in Settings on iPhone and  iPad, or on their Mac or PC.

Agatha Soh, Director at ShopeePay commented, “ShopeePay is committed to meeting the needs of users who are increasingly expecting seamless payments across all platforms. We are excited to offer  ShopeePay as a convenient payment option for our customers, and expand  access to digital payments, benefitting more users.”

For more information on how to add ShopeePay as a payment method, please visit https://support.apple.com/en-us/HT201266 or https://shopee.ph/m/ShopeePay-Apple-ID-PH.