By Brontë H. Lacsamana, Reporter
ALMOST THREE in four people in Southeast Asia (SEA) encountered at least one type of threat associated with digital payment technology, according to a recent study by internet security firm Kaspersky.
Titled “Mapping a secure path for the future of digital payments in APAC,” the 2021 study found that 72% of respondents in SEA experienced cyber threats, while nearly all (97%) were aware of at least one type of threat related to e-payment platforms.
Of those with experience, 37% encountered them in the form of social engineering scams via texts or calls, making this the top threat in the region. The next common types of scams are fake websites (27%), fake offers and deals (27%), and phishing (25%).
A total of 1,618 working professionals from 10 countries in Asia-Pacific were included as participants in the study. The respondents ranged from 18 to 65 years of age, all of whom are digital payment users.
The Philippines, which placed fourth in Kaspersky’s 2021 global ranking of countries most targeted by web threats, also saw social engineering scams via texts or calls as the top risk, with 42% of respondents having encountered them.
Sandra Lee, Kaspersky’s managing director in Asia-Pacific, said the adoption of digital payment methods appears to be a double-edged sword, with convenience representing benefits and cybersecurity risks showing their less desirable aspects.
“On the contrary, we believe that categorizing digital payments in such binary ways is premature. As with any emerging technologies, there is no inherent good or bad characteristic to them; rather, how we use them to achieve beneficial outcomes is determined by how we interact with them,” she said in a statement.
The study also found that the financial loss from a cyber-incident involving digital payments ranges from under $100 to $5,000, with a small number of respondents having reported a loss of over $5,000.
Over half (52%) said they lost money due to bank account and credit card fraud. Causes of financial loss in Southeast Asia included accounts getting hacked in a data breach (47%), fake and fraudulent apps (45%), ransomware (45%), and fake offers and deals (43%).
As for victims’ response to the threats, 67% shared they became more vigilant while 32% reported feeling anxious about recovering the lost money. Some 36% said they still trusted that banks and mobile wallet providers could resolve the issue while 18% didn’t.
TAKING ACTION
In March, the Department of Information and Communications and Technology (DICT) said the Philippines is still at level 1 in terms of awareness and communication as well as cybersecurity skills and expertise, with procedures not sophisticated enough yet.
The government’s goal is to push the Philippines forward to maturity level 5 or a “resilient enterprise” in cybersecurity terms within five years, DICT Acting Secretary Emmanuel Rey R. Caintic said in an interview with BusinessWorld.
Ms. Lee of Kaspersky added: “If we are to fully realize the benefits of digital payments, it is important that all stakeholders, including the government, digital payment providers, users, and even cybersecurity firms, work together to build a stable, secure, and future-proof payments ecosystem.”
The security firm suggested the following steps to protect against cyber threats:
• Beware of fake communications, and adopt a cautious stance when it comes to handing over sensitive information. Do not readily share private or confidential information online, especially when it comes to requests for your financial information and payment details.
• Use your own computer and Internet connection when making payments online. As like how you would make purchases only from trusted stores when shopping physically, translate the same caution to when making payments online — you’ll never know if public computers have spyware recording everything you type on the keyboard, or if your public Internet connection has been intercepted.
• Don’t share your passwords, PIN numbers or one-time passwords (OTPs) with family or friends. While it may seem convenient, or a good idea, these provide an entryway for cybercriminals to trick users into revealing personal information to collect bank credentials.
• Adopt a holistic solution of security products and practical steps. These can minimize the risk of falling victim to threats and keep your financial information safe. Utilize reliable security solutions for comprehensive protection from a wide range of threats to establish a secure connection and help check the authenticity of websites of banks, payment systems and online stores you visit.
The Kaspersky study also shared the top actions of respondents in Southeast Asia after they encountered threats:
• 64% changed passwords and other security settings on their banking and mobile wallet apps;
• 50% called the bank or related mobile wallet company;
• 45% informed their family members and friends about the incident;
• 26% installed security solutions on infected devices;
• 26% installed security solutions on both infected and uninfected devices; and
• 15% downloaded a new mobile wallet and created a new account.