From April to June 2018, Kaspersky Lab security products discovered an all-time high of 10,685,682 web-antivirus detections of different types from data provided by the computers of Kaspersky Security Network (KSN) participants in the country.
The numbers for Q2 show a 100 percent jump from Q1 (January to March 2018) where 5,669,200 threats were detected.
This is more than a threefold leap from April-June 2017 when 3,174,077 web-based malware infections were tracked. The country ranked 44th most attacked country during this period.
Overall, 39.4 percent of the web-infection rate were detected from home users (those who use Kaspersky Internet Security) and 11.2 percent from business users (those who use Kaspersky Enterprise Security).
“Most of the web malware we have detected in the Philippines during the second quarter of 2018 were related to cryptomining. Majority of the web-attacks, including web-miners and threats related to browser extensions, that also has significant share in the Philippines in Q2, are targeted mostly against home users,” reveals Denis Parinov, Malware Expert at Kaspersky Lab.
Cryptomining malware refers to malicious tools used by cybercriminals to take over a device used for mining cryptocurrencies without the legitimate user’s knowledge.
More than half of the detected web threats were from malware-hosting sites based in the USA (51.32%), followed by the Netherlands (22.40%), France (5.71%), Portugal (3.04%), and Canada (2.78%).
“From 19.2% of users infected while surfing the web last year, there are now over 34.6% of Filipino netizens being targeted by cybercriminals. The rapid rise of the number of web threats targeting the Philippines is undoubtedly concerning,” says Siang Tiong Yeo, General Manager at Kaspersky Lab Southeast Asia.
The top five countries infected by web threats in Q2 2018 include Algeria (44.0%), Belarus (39.6%), Republic of Moldova (37.4%), Albania (37.3%), and Armenia (37.1%).
The danger of web threats
Web threats or attacks via web browsers are the primary method of spreading malicious programs. To prey on clueless Internet users, cybercriminals commonly use infected websites and plugins — also known as drive-by downloads or the unintentional download of malicious code to a computer or mobile device leaving it open to a cyberattack. It takes advantage of an app, operating system (OS), or web browser that contains security flaws due to unsuccessful updates or lack of updates.
Cybercrooks also use social engineering or a form of techniques designed to trick the human mind or exploit the user’s lack of knowledge, to lure unsuspecting users into sending them their confidential data, infecting their computers with malware or opening links to infected sites.
Successful web infections can be launchpads for more damaging attacks that can affect not just personal users, but also large organizations and even critical infrastructure.
The cybercriminals responsible for the infamous $80M Bangladesh Bank heist penetrated the bank’s system through malware planted on a benign website visited by a bank’s employee.
“The Philippine government has started enforcing laws involving key agencies to boost the state of cybersecurity in the country. These steps will, however, be futile if Filipino internet users are unconcerned and unaware of securing themselves online. The danger is here. Everyone has to take them seriously,” adds Yeo.
While cybersecurity requires a holistic and multi-layer approach, basic online habits matter when it comes to avoiding web threats. Here are some reminders from Kaspersky Lab:
1. Keep the operating systems (OS) and application on your computers and devices updated all the time.
2. Ensure all your programs have the latest version of antivirus software installed.
3. Be vigilant. Avoid opening unsolicited email attachments, visiting unknown websites, or downloading software from untrustworthy sites or peer-to-peer file transfer.