Examining the Legal Responsibilities of Spear Phishing Attacks in Malaysia
- DOI
- 10.2991/978-2-38476-154-8_6How to use a DOI?
- Keywords
- Phishing; Spear Phishing; Communications and Multimedia Act 1998; Penal Code (Malaysia); Personal Data Protection Act 2010
- Abstract
Phishing is a form of a fraud that involves the use of deceptive e-mails, websites, and other online methods to steal personal data such as passwords, credit card numbers, and bank account information resulting in identity theft, financial fraud, and data breaches. Spear phishing in particular, is a type of phishing that targets a specific individual or organization. It is a form of social engineering that uses personalised e-mails or messages to trick the recipient into providing sensitive information or clicking on malicious links. While typically impersonating a trusted source, such as a colleague or a company, trust and confidence is built between the victim and the fraudster. Therefore, spear phishing is a serious threat to organizations and individuals. The objectives of this paper are to examine the relevant statutory provisions in Malaysia concerning spear phishing and evaluate the level of protection provided to individuals in the event of a personal data breach or misuse. The first section of the paper discusses the differences between phishing and spear phishing. The second section examines the legislative framework in Malaysia with reference to cases addressing such offences. The third section discusses the issues pertaining to liability and who should be held responsible in the event an individual’s data is breached. Finally, based on the findings from the comparative study of the selected jurisdictions of Singapore and India for the comprehensive nature in addressing spear phishing the paper will put forth recommendations regarding the allocation of responsibility for spear phishing activities in Malaysia with a focus on the data protection laws as one of the ways in which Spear Phishing could be regulated.
- Copyright
- © 2023 The Author(s)
- Open Access
- Open Access This chapter is licensed under the terms of the Creative Commons Attribution-NonCommercial 4.0 International License (http://creativecommons.org/licenses/by-nc/4.0/), which permits any noncommercial use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.
Cite this article
TY - CONF AU - Ahmad Fauzey AU - Manique Cooray PY - 2023 DA - 2023/12/05 TI - Examining the Legal Responsibilities of Spear Phishing Attacks in Malaysia BT - Proceedings of the 3rd International Conference on Law and Digitalization 2023 (ICLD 2023) PB - Atlantis Press SP - 109 EP - 118 SN - 2352-5398 UR - https://doi.org/10.2991/978-2-38476-154-8_6 DO - 10.2991/978-2-38476-154-8_6 ID - Fauzey2023 ER -