‘Securing e-wallets a shared responsibility’

MANILA, Philippines — Global cybersecurity and digital privacy firm Kaspersky has emphasized that securing convenient technologies, such as digital wallets, is a shared responsibility.

Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky, said the recent incident involving the top digital wallet provider in the Philippines showed that cybercriminals continue to target fintech institutions.

“Clearly, we have seen in this unfortunate incident that the effect of a successful phishing attack can result in identity theft, financial loss, and reputational damage for both individual consumers and businesses,” he said.

Cybercriminals recently siphoned off the accounts of GCash users via unauthorized fund transfers to various accounts in Asia United Bank (AUB) and EastWest Banking Corp.

A recent report shared phishing attacks were deployed to sneak into the e-wallet accounts of the victims to conduct malicious transfers. Phishing remains one of the most prevalent and damaging threats in the cybersecurity landscape, primarily because it works.

Last year, he said Kaspersky blocked 822,536 financial phishing targeting businesses in Southeast Asia, of which nearly 52,914 financial phishing incidents are targeting users in the Philippines.

“The good thing is that our study showed Filipino respondents are aware of the phishing dangers in digital payments, and that 48 percent who were surveyed believed that antivirus software is required to protect their money and data online,” he added.

However, when asked if they have installed an antivirus and/or any other security solutions in the devices they use for online financial transactions, he reported that only half, at 25 percent, said yes.

“This data is alarming because, in spite of Filipino respondents’ knowledge of such online threat, the action to install a safety net against this is still lacking. It’s crucial for everyone to understand that everyone has a role to play in cybersecurity,” he warned.

According to him, cybercriminals always find ways to be creative and be believable.

“To enjoy the perks of these technologies, we need to also exercise due diligence. We need to arm ourselves with knowledge about phishing attacks, practice good cyber hygiene. But most importantly, we need security solutions to serve as a safety net for our digital assets and our devices,” he said.

The global cybersecurity and digital privacy firm also urged fintechs to prevent more implications of a phishing attack, like data breaches, remind employees about the basic signs of phishing emails; always report phishing attacks; and supply employees.

“Since phishing attempts can be confusing, and there’s no guarantee of avoiding all accidental clicks, protect your working devices and your enterprise perimeters with a holistic cybersecurity expert,” he said.