Singapore – A recent report from global cybersecurity firm Netskope Threat Labs revealed that Asia-based employees are engaging with phishing links and malicious content at a double rate compared to other regions.
According to the report, phishing stood among the most common and effective social engineering tactics used by attackers, indicating 5.5 out of every 1,000 individuals working in Asia clicked on a phishing link monthly.
It was further observed that the victims click on links on various channels like email, messaging apps, social media, ads, and search engine results.
Attackers, on the other hand, were also noted employing phishing campaigns to steal employees’ credentials to different work or personal services, focusing on cloud services (28%), banking (16%), telco (15%), and social media (14%).
More specifically, the report highlighted malicious actors targeting cloud applications employees use at work for various reasons, including stealing sensitive data the employee has access to, using the compromised account to target other employees, or selling access to compromised cloud apps on illicit marketplaces.
Meanwhile, accessing malicious content was reported as something users in Asia do at a higher rate than other regions. In particular, the firm recorded 2.3 out of every 100 employees working in Asia each month attempting to access malicious content on the web or in the cloud, noting each instance potentially leading to a cyber incident as well. This figure, according to the company, remains double the global benchmark.
Malicious content also takes multiple forms, from malicious websites delivering various threats or capturing sensitive information to malicious documents hosted in cloud environments delivering malicious payloads if opened. The latter has become prevalent, with users in 86% of organisations downloading malware from cloud apps monthly.
Interestingly, the report also delved into data protection and genAI usage and risk, revealing 19% of employees in Asia violate their organisation’s data security policies monthly, sending sensitive company data into systems, tools, or applications where it is not authorised to go or to unauthorised recipients.
Another significant finding includes GenAI applications now being the route of a significant number of data policy violations, with source code (66%) the most common type of sensitive data leaking in GenAI prompts, followed by regulated data (26%) and intellectual property (7%).
In response, organisations based in Asia are blocking applications that serve no legitimate business purpose at a high rate, with 4.6 genAI apps blocked on average per month—and more than 70 per month in the most extreme cases.
Commenting about the report, Ray Canzanese, director of Threat Labs at Netskope, said, “With the constant evolution in employee behaviours and work habits, organisations in Asia are having to mitigate an increasing variety of risk factors and threats.”
“Our analysis illustrates this, with a combination of ‘traditional’ approaches such as phishing and malicious web content and more recent threats such as genAI data leakage or cloud-delivered malware both succeeding in putting employees and organisations across Asia at risk,” he continued.
These challenges underscore the importance of implementing controls that inspect all types of traffic and instances on a network, from content being presented to end users to how data is accessed and shared,” concluded Canzanese.
