KUALA LUMPUR, March 24 — Malaysia’s scam-related losses reached approximately RM2.7 billion in 2025, representing a 76 per cent increase from 2024, with a noticeable spike during festive seasons such as Hari Raya Aidilfitri, according to cybersecurity firm Fortinet Malaysia.
Its country manager Kevin Wong said phishing campaigns, fake e-commerce platforms, and fraudulent payment links largely drive these incidents.
With the growing adoption of digital payments, including e-duit raya, attackers are also exploiting QR codes and payment channels to redirect transactions.
"Festive periods are not just high-risk for consumers; they also expand the threat landscape for businesses and critical infrastructure.
"Higher transaction volumes and increased digital activity create a larger attack surface. At the same time, reduced staffing or operational shifts during holiday periods can slow response times, making organisations more vulnerable," he told Bernama.
Wong added that the Cyber999 Incident Response Centre recorded 2,020 incidents in the third quarter of 2025, a more than 20 per cent year-on-year increase, with phishing and online fraud accounting for approximately 75 per cent of cases.
The situation highlights an important reality: festive periods should not be treated as downtime for cybersecurity. Therefore, continuous monitoring, employee awareness, and strong identity controls, such as multi-factor authentication, are vital to maintaining resilience.
"Consumers should only shop on verified websites with secure connections, they should avoid clicking on links from unsolicited messages or deals that seem too good to be true, and use secure payment methods, such as credit cards with fraud protection.
"They should also enable multi-factor authentication and never share one-time passwords or banking credentials and avoid public WiFi for financial transactions," he said.
Wong emphasised that organisations must adopt artificial intelligence (AI)-driven security capabilities that can detect and respond to threats at machine speed, as attackers scale their operations using automation and AI.
As security architectures grow more complex, a unified platform approach that converges networking and security enables better visibility, faster response times, and reduced complexity across hybrid environments.
"Addressing the cybersecurity skills gap remains critical, where Fortinet’s research shows that 98 per cent of Malaysian organisations have experienced breaches linked to talent shortages, underscoring the need for continuous training, certification, and workforce development," he said.
