Alongside a coronavirus pandemic is a pandemic of obsessive social media habits that people need inoculation against.

In October 2021, along with the rest of the world, the Philippines commemorated Cybersecurity Awareness Month.

While the event is a new entry in the country’s annual calendar, cybersecurity issues are definitely not at all new to her people.

From March to September last year, the Philippine National Police Anti-Cybercrime Group recorded 869 recorded online scam cases. For his part, Bangko Sentral ng Pilipinas (BSP) Governor Benjamin Diokno stated that around one quarter of the 23,000 complaints lodged via an online chatbot feedback system were credit card concerns.

Those concerns mentioned in the press comprised information and identity theft, phishing and its variations, and card skimming and card replacement schemes.

Be aware, and do not overshare

To commemorate the awareness month, the Philippines’ Bank of the Philippine Islands (BPI), said to be South-east Asia’s oldest, shared some tips with its clients on protection from scammers.

  • They were reminded not to share personal information on social media. It is true that some people feel the need to post everything they do on Facebook. No one would think of posting a picture of a vaccination card with one’s birth date on it, but scammers could use even that one information–a birth date—to make you believe they are legitimate.
  • BPI recommends the use of a passphrase—a sentence-like string of words instead of a single password—for login authentication. Longer than a password; easier for the user to remember; and it trumps the hacker! The same passphrase must not be used for all accounts logins, however.
  • The third tip for BPI clients is to be wary of any attachments or links in any email. Even corporate logos and letterheads can be copied and pasted, or faked.
  • Finally, clients were reminded to “take the time to double-check”. If an email or other means of messaging looks legit, how much time would it take to call up the bank and verify if it is from them? Granted that time is money for business people, but they would surely prefer the minimal time loss compared to money lost forever due to a scam.

APAC as a cyber-attacker magnet

Even before the awareness month, Check Point Research had announced in the Philippines that the Asia-Pacific region was second only to Africa in terms of being most targeted region for cyberattacks—with an average of 1,299 weekly attacks per organization between 2020 and 2021. This year, the APAC region experienced a 20% increase in number of attacks.

The report also ranked South-east Asian countries with the highest number of attacks per volume:

  • Indonesia was tops, with an average of 2,981 weekly attacks per organization in 2021, a 15% increase from 2020
  • The first runner-up was Thailand at 1,686 (28% increase)
  • Next came Vietnam at 1,486 (8% decrease)
  • The Philippines came in fourth with 1,391 (35% increase)
  • Malaysia was fifth at 960 (4% decrease)
  • Singapore saw a 106% increase in attacks year-on-year

The highest volume of cyberattacks per sector were in education/research (1,468 attacks per organization each week), followed by government/military with 1,082 attacks; and health care at 752 weekly attacks.

Let us continue to remain cyber aware long after the awareness month!