Lanka faced rising threats of financial phishing attacks in 2024

Sri Lanka is increasingly vulnerable to cyberattacks targeting businesses’ financial transactions, with 9,218 incidents of financial phishing detected in 2024 alone, according to the latest Kaspersky Security Bulletin. This figure highlights the growing sophistication of cybercriminals who are targeting businesses with deceptive online tactics designed to steal sensitive financial information.

Financial phishing attacks, which involve fraudulent notifications designed to impersonate legitimate financial institutions, have become a major concern for businesses worldwide. These attacks trick individuals and organizations into revealing critical credentials such as banking login details, credit card numbers, and payment information. Cybercriminals use malicious links or attachments to lure victims into falling for their schemes, often causing severe financial and reputational damage.

Sam Yan, Head of Sales for Asia Emerging Countries at Kaspersky. commented on the rising threat: “Financial phishing attacks in Sri Lanka is a clear signal that cybercriminals are becoming more sophisticated. As businesses digitize their financial transactions, they must recognize the risks associated with phishing and other cyber threats. It is crucial that they adopt a multi-layered approach to cybersecurity to protect sensitive data.

He added, “Organizations across Sri Lanka must prioritize cybersecurity as a business imperative. Phishing attacks are among the most prevalent threats today, and they can have far-reaching consequences if not addressed. Businesses should take immediate steps to implement effective anti-phishing technologies and ensure that their employees are well-trained to recognize and avoid such attacks.”

Kaspersky’s report highlights that financial phishing, particularly in the business-to-business (B2B) sector, is on the rise. Sri Lanka has reported a significant number of phishing attacks aimed at B2B financial notifications, with 9,218 incidents detected in 2024. This places Sri Lanka in a critical position, urging businesses to adopt stronger cybersecurity practices.

To counteract this growing threat, Kaspersky recommends that businesses and financial institutions in Sri Lanka implement a series of proactive security measures: Deploy anti-phishing technologies to detect and block malicious communications in real-time. Invest in employee training to raise awareness about phishing tactics and how to spot suspicious activities. Implement multi-factor authentication (MFA) to add an extra layer of protection to sensitive financial transactions.