Exploring APAC Email Security Threats and Attack Trends

With its blend of geopolitical significance and economic influence, the Asia-Pacific (APAC) region has become a focal point for threat actors seeking to disrupt industries, steal sensitive data, and exploit global supply chains.

From phishing to business email compromise (BEC), attackers are utilizing sophisticated strategies to infiltrate APAC organizations and wreak havoc.

This blog explores the trends shaping the threat landscape in the APAC region, with a particular focus on Australia, New Zealand, Japan, and Singapore. Read on to learn more about the alarming year-over-year rise in email attacks and why advanced defenses are vital for countering today’s threats.

Between 2023 and 2024, the monthly median attack rate for all advanced attacks on APAC organizations increased by 26.9%, from 472 attacks per 1,000 mailboxes to 600. While attack volume remained relatively consistent throughout 2023, advanced attacks rose considerably from quarter to quarter in 2024, growing by 16% between Q1 and Q2 and 20% between Q2 and Q3.

The surge in attack volume across the APAC region can be attributed to several factors, including the strategic significance of its countries as epicenters for trade, finance, and defense. Additionally, these nations’ alliances with Western powers make them attractive targets for state-sponsored cyberattacks and sophisticated email campaigns designed to disrupt essential sectors and access valuable data.

Australia and New Zealand, for example, have faced an uptick in attacks from ideologically motivated groups who target government institutions and critical infrastructure in retaliation for their political stances. Similarly, Japan’s geopolitical positioning (including its expanded defense cooperation with the US) has drawn increased attention from state-affiliated hacking groups, particularly from China. Meanwhile, Singapore’s status as a global hub for finance, technology, and logistics has made it a prime target for cybercriminals and state actors aiming to disrupt regional trade and steal sensitive information.

Even though the number of phishing attacks reported to the FBI Internet Crime Complaint Center (FBI IC3) has declined slightly since 2021, phishing remains the leading type of cybercrime. Moreover, it’s frequently used as the first step in a much larger strategy—often to access login credentials that can be used to compromise accounts and launch additional attacks.

Phishing attacks on APAC organizations rose by 30.5% between 2023 and 2024. Interestingly, the growth in phishing attacks and overall volume varied a fair amount between businesses in Japan and Singapore and those in Australia and New Zealand.

Phishing attacks on organizations in Japan and Singapore surged by 37%, while enterprises in Australia and New Zealand experienced a slightly smaller but still significant increase of 30%. Although 30% is certainly substantial, it represents nearly 20% less growth—a noteworthy difference given that all four countries fall within the APAC region.

The contrast is even more stark when looking at the overall phishing attack volume. In 2024, the median monthly phishing attacks targeting businesses in Australia and New Zealand was 322 per 1,000 mailboxes. Organizations in Japan and Singapore, on the other hand, had a monthly median of 682 phishing attacks per 1,000 mailboxes.

Phishing's universal popularity makes it a useful benchmark for examining regional trends. Because it is generally the most prevalent attack type across industries, organization size, and geographic location, it allows us to do an apples-to-apples comparison between specific geographic regions.

Comparing these regions makes it clear how economic factors and global political factors impact attack patterns. Japan and Singapore are economic powerhouses in the APAC region, with Japan being the third-largest economy globally and Singapore, as previously mentioned, serving as a critical hub for global trade and finance. Although Australia and New Zealand have strong economies, they do not exert the same global financial or strategic influence as Japan and Singapore.

Moreover, both Japan and Singapore play key roles in regional and global supply chains, which means compromising one organization could provide a threat actor with access to an extensive ecosystem of interconnected enterprises. Australia and New Zealand, on the other hand, don’t necessarily have the same degree of exposure to global supply chain risks.

Compared to the 30%+ year-over-year increase in phishing attacks, the 6% growth in business email compromise attacks seems less startling. However, when you take into account the fact that the average cost of a single successful BEC attack is more than $137,000, and multiple organizations across the globe have lost millions due to BEC, any growth in BEC is worrisome.

Just as organizations leverage business intelligence to more effectively target customers, modern threat actors perform thorough research to optimize their business email compromise attacks. By mining publicly available information from sources such as LinkedIn, SEC filings, and even the target organization’s website, these cybercriminals can craft highly convincing emails designed to exploit employees' trust and maximize the likelihood of success.

With $2.9 billion in losses recorded in 2023 alone, BEC continues to be a leading cybersecurity threat. These text-based emails rely on social engineering tactics rather than technical exploits and rarely contain clear indicators of compromise, such as malicious links or attachments. As a result, they often evade detection by conventional security measures. This positions employees—generally considered the weakest element of an organization's cybersecurity—as the last line of defense.

The surge in email attacks across APAC underscores the evolving nature of modern cybercrime, as threat actors become more adept at exploiting regional economic and geopolitical dynamics to target vulnerable organizations.

Traditional defenses are no longer sufficient to counteract these complex threats, which rely on subtle social engineering and precise targeting. An AI-native email security solution is essential for identifying and neutralizing these attacks in real time, as it offers unparalleled visibility into emerging threats and protects organizations from costly breaches.

By staying ahead of attackers, organizations in APAC can safeguard their operations and maintain resilience in a progressively more hostile threat landscape.

See for yourself how Abnormal AI provides comprehensive email protection against attacks that exploit human behavior. Schedule a demo today.