Kuala lumpur: Malaysia's scam-related losses reached approximately RM2.7 billion in 2025, representing a 76 per cent increase from 2024, with a noticeable spike during festive seasons such as Hari Raya, according to cybersecurity firm Fortinet Malaysia.

According to BERNAMA News Agency, Fortinet Malaysia's country manager, Kevin Wong, highlighted that phishing campaigns, fake e-commerce platforms, and fraudulent payment links are the primary drivers of these incidents. Wong noted that the growing adoption of digital payments, including e-duit raya, has led attackers to exploit QR codes and payment channels to redirect transactions.

"Festive periods are not just high-risk for consumers; they also expand the threat landscape for businesses and critical infrastructure. Higher transaction volumes and increased digital activity create a larger attack surface. At the same time, reduced staffing or operational shifts during holiday periods can slow response times, making organisations more vulnerable," Wong told Bernama.

He further emphasized that the Cyber999 Incident Response Centre recorded 2,020 incidents in the third quarter of 2025, showing a more than 20 per cent year-on-year increase, with phishing and online fraud accounting for approximately 75 per cent of cases. Wong stressed the importance of not treating festive periods as downtime for cybersecurity, advocating for continuous monitoring, employee awareness, and strong identity controls, such as multi-factor authentication, to maintain resilience.

Wong advised consumers to shop only on verified websites with secure connections (HTTPS), avoid clicking on unsolicited message links or deals that seem too good to be true, and use secure payment methods, such as credit cards with fraud protection. He also recommended enabling multi-factor authentication, never sharing one-time passwords (OTP) or banking credentials, and avoiding public Wi-Fi for financial transactions.

He underlined the necessity for organisations to adopt AI-driven security capabilities that can detect and respond to threats at machine speed, as attackers scale their operations using automation and AI. Wong also mentioned that as security architectures grow more complex, a unified platform approach that converges networking and security enables better visibility, faster response, and reduced complexity across hybrid environments.

"Addressing the cybersecurity skills gap remains critical, where Fortinet's research shows that 98 per cent of Malaysian organisations have experienced breaches linked to talent shortages, underscoring the need for continuous training, certification, and workforce development," said Wong.