Back-end offices vulnerable to phishing, says expert

A hooded man holds a laptop computer as a blue screen with an exclamation mark is projected on him in this illustration picture. REUTERS/Kacper Pempel/Illustration/File photo

Local companies serving as back-end offices for global brands may be more susceptible to phishing as cybercriminals persevere in looking for multiple entry points for their attacks, according to information technology service firm Okta.

“[The] dominance of phishing attacks is more [evident in] Philippine companies [that] provide services to global companies today where there’s back-office, call center—those kinds of operations,” Ben Goodman, general manager of Okta in Asia-Pacific and Japan, said in a press briefing on Friday.

“Philippines has many companies that fit that profile and therefore could become quite a big target as an entry point,” he added.

Goodman said employees of these companies were vulnerable to phishing, a method used by cybercriminals to steal private data, if they do not know how to properly use corporate digital platforms. This was especially true for new workers undergoing the onboarding process, he said.

According to Goodman, unsuspecting employees might click on malicious links accidentally, highlighting the need for companies to educate them while putting up cybersecurity safeguard measures.

“The threat actors, they go after the weakest target in the ecosystem. They do calculations,” Okta CEO Todd McKinnon warned.

According to a study by independent risk advisory firm Kroll, 75 percent of enterprises in the country have dealt with a cyberattack, which was higher than the 59-percent average for the Asia-Pacific region. The most common cyber incidents were phishing and malware, a computer or system attack to illegally access information or disrupt operations. INQ