Phishing attempts doubled in 2022 as scams, ransomware attacks continue to plague S’pore: CSA | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

SINGAPORE – Phishing attempts continued to plague the nation as reported cases more than doubled to 8,500 in 2022, said the Cyber Security Agency (CSA) in a report on Friday.

The surge is more than twice the 3,100 cases reported in 2021. In most attempts, fraudsters spoofed banking and financial services, as well as government and logistics-related services such as online shopping deliveries.

CSA’s 100-page report details the cyber-security threats faced in 2022, including the use of highly destructive malware in the Russia-Ukraine conflict, targeting industrial systems to cripple a nation’s vital services.

Threats have intensified in the past year, said CSA chief executive David Koh in the report.

“Away from geopolitical cyber security developments, scams continued to plague the local landscape,” he said. “The impact of cybercrimes such as scams is typically measured in financial loss, but the emotional toll it takes on individuals – such as anguish, confusion, and distress – is immeasurable.”

Phishing – designed to trick victims into handing over money or data – remains the top scam type here, with 2,918 phishing links taken down by the Singapore Cyber Emergency Response Team (SingCert).

More than 80 per cent of reported attacks spoofed a bank or financial service, spurred by the growth of online banking since the Covid-19 pandemic, said CSA.

June and September 2022 saw the highest number of phishing attempts in the banking and financial services sector.

More than half of these attempts saw China-based banks spoofed, although CSA noted that several of these banks do not have a presence here and would not have been known to most customers in Singapore. The fraudsters would typically send phishing messages to the masses in the hope of luring those with ties to such banks.

Second-most spoofed were government-related entities such as the Land Transport Authority and Singpass. Fraudsters would send phishing e-mails or SMS messages seeking payment for fines and other false claims to exploit users’ tendency to comply with messages from the authorities, said CSA.

The relevant organisations have since issued advisories to warn the public of such attempts.

Spoofed websites and messages involving SingPost made up eight in 10 logistics-related scams. These scams are typically designed to dupe online shoppers by sending fake notifications about incoming parcels, or to urge them to pay for a made-up package held in transit.


Click Here For The Original Source.

National Cyber Security