Kaspersky Lab today releases its Kaspersky Security Bulletin for 2018 with the local statistics and threats overview for Thailand for the past year.
According to the report, the web remains one of the major sources of cyberthreats in the country. The global cybersecurity company has detected 30,203,943 different Internet-borne infections in Thailand.
Overall, 31.8% of Thai users were attacked by web-borne threats last year according to the report with data from Kaspersky Security Network (KSN). This is a significant increase in comparison with 2017, when Kaspersky Lab products detected only 12,696,011 threats with 29.0% of users attacked.
According to Suguru Ishimaru, Security Researcher at Kaspersky Lab Japan, the increase in the number of online threats in Thailand follows a global trend, with the overall growth of detected malicious installation packages, new mobile banking Trojans, and new mobile banking Trojans.
Several Southeast Asian countries also made it to the world’s top 10 nations with the highest percentage of users attacked by online threats — for example by banking Trojans such as DanaBot, which was detected in Q2 2918 and continues to develop rapidly.
“Currently Thailand is 73rd worldwide in terms of the dangers we have detected which are associated with web surfing. While we can easily say that Thailand is safer compared with its neighbors in the region, we still highly urge the internet users in the country to put their guards up against these costly and damaging online threats. The more than 30 million online infections blocked last year proved that Thailand is still within the radar of cybercriminals. Beef up your defenses and improve your online habits. Do not be a willing prey,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky Lab.
Attacks via browsers are the primary method for spreading malicious programs. Most often cybercriminals penetrate systems by exploiting vulnerabilities in browsers and their plugins (drive-by download). Infection due to this type of attack takes place when visiting an infected website, without any intervention from the user and without their knowledge.
This method is used in the majority of attacks. Among them, file-less malware is the most dangerous: its malicious code uses registry or WMI subscriptions for persistence, leaving no single object for static analysis on the disk.
Kaspersky Lab products which were developed to fight such stealthy threats apply a Behavior Detection component. It benefits from ML-based models and behavior heuristics to detect malicious activity even if the code is unknown. Another key technology, developed by Kaspersky Lab, is called Exploit Prevention which reveals and blocks in real time the malware’s attempts to benefit from software vulnerabilities.
The second most common type of online attack requires user participation: a user has to download a malicious file to their computer. This happens when cybercriminals make the victim believe they are downloading a legitimate program.
A top goal of cybercriminals is to trick users into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather. Thus one should never open emails that look suspicious — if a contest or offer seems too good to be true, chances are it probably is.
Here are some useful tips — from Kaspersky Lab’s team of security experts — to help you protect your money and data when you are online:
- Don’t assume links are genuine
You should always manually type in the URL — instead of clicking on a Do not visit websites by clicking on: Links in emails; Messages on social network sites; Messages in chat rooms; Banner ads that are on suspicious websites; Links sent to you by people you do not know.
- Beware of fake communications
Most organisations will never send emails asking customers to: Send personal data inan email; Visit their site for authorization; and Enter personal data in pop-up windows.
- Check the URL
When you’re visiting a web page that needs you to enter confidential data, carefully check that the address of the page that’s shown on the browser corresponds with the page that you were intending to Ifthe URL is made up of a random selection of letters and numbers — or it looks suspicious — do not input any information.
- Use encryption
Make sure that you use an encrypted connection, whenever you need to input any confidential data. Always check if the URL starts with letters ‘https’ — inaddition, the address bar or the browser’s status bar will display a small icon of a
- Use your own computer — and your own Internet connection
Try to avoid using public computers and public Wi-Fis. Public computers may have a variety of spyware programs running on them. On apublic Wi-Fi network, there is a risk that the traffic might be intercepted by the network’s administrator or by cybercriminals — and attacks might be launched with network worms.
- Use strong passwords, on your devices and your online accounts
Use long (12 characters and more) passwords everywhere, whenever possible, and a different password for each service or account.
- Eliminate vulnerabilities — inyour operating system and applications by updating them
This will help to eliminate operating system and application vulnerabilities that can be exploited by malicious software programs and attacks.
- Protect your devices against malware and Internet security risks
Arigorous anti-malware solution can protect you against computer viruses, worms, Trojan viruses and more. Some anti-malware products also include special technologies that provide additional layers of security when you’re using online shopping and banking websites.