Singapore a hotspot for drive-by download attacks, says Microsoft
Microsoft has warned that Singapore suffered from more drive-by download attacks than any other country in the Asia-Pacific region last year.
In these attacks, hackers install malware on their unsuspecting victims' computers.
The tech giant released its annual security threat report yesterday.
It said that though the region saw a 27 per cent decline in these drive-by download attacks - in which malware is unwittingly downloaded when a user visits a website or fills in a form - Singapore recorded a more than twofold increase last year.
Compared with 2018, Singapore experienced a 138.5 per cent rise in these attacks, through which hackers steal passwords or financial information from their victims.
Miss Mary Jo Schrade, Microsoft's assistant general counsel of its digital crimes unit in Asia, said that Singapore is an attractive target for these criminals due to its excellent financial standing in the region.
"We usually see cyber criminals launch such attacks to steal financial information or intellectual property, and this is a key reason why regional financial hubs, such as Singapore and Hong Kong, recorded the highest volume of such threats," she said.
These drive-by downloads take place when a user visits - or "drives by"- a website infected with malicious code.
Cyber criminals take advantage of vulnerable or outdated apps, browsers, or even operating systems.
Even without the user attempting to click or download anything from the site, the malicious code can get downloaded to the user's device.
Said Miss Schrade: "This unintentional download of the malicious code can result in the exploitation of vulnerabilities in web browsers, applications or even the device's operating system.
"This can be hosted on legitimate websites and it can be difficult for even an experienced user to identify a compromised site from a list of search results."
Experts advise users to make sure they install an antivirus programme and the latest security updates on their devices.
They should also uninstall software and any add-ons to their applications that are neither necessary nor used.
This digital clean-up will simplify the amount of software to be updated on their systems and minimise the risk of hacking.