As Malaysians prepare for Chinese New Year and Hari Raya Aidilfitri, the surge in  E-payments is creating new opportunities for cybercriminals to hide scams in plain sight. With digital transactions such as QR codes and digital wallets now embedded in everyday life, cybersecurity experts warn that festive spending habits may be lowering users’ guard.

Data from the Kaspersky Security Network (KSN) recorded more than 4 million web threat incidents in Malaysia between January and March 2025 alone — mirroring similarly high figures in the same period the year before. The sustained volume highlights how online threats remain persistent even as digital payment adoption accelerates.

Raised Threats

According to Bank Negara Malaysia, e-payment usage averaged 409 transactions per capita in 2024. Momentum continued into 2025, with e-money transaction values reaching RM21.5 billion in May — a year-on-year increase of more than 70%. As digital payments become the default mode for festive gifting, donations and retail spending, transactions are often made quickly and routinely, creating what experts describe as behavioural “blind spots”.

Seasonal scams frequently exploit these patterns. Fraudulent QR codes and payment links are disguised as festive promotions, limited-time vouchers, giveaways or donation appeals circulated via messaging apps and social media. These links redirect users to spoofed websites designed to harvest login credentials or payment details.

Preventive Care

Kaspersky research suggests many consumers may overestimate their ability to spot such threats. In Malaysia, 77% of respondents believe they can identify online risks independently, yet only 52% report using dedicated cybersecurity tools to secure their digital transactions.

“Many modern online scams are designed to closely resemble legitimate digital interactions, often reflecting local payment habits and festive cues,” said Simon Tung, General Manager for ASEAN and Asia Emerging Countries at Kaspersky. “These convincing formats weaken the instinctive checks people rely on, especially during busy festive periods.”

Kaspersky advises users to verify QR codes and payment links through official channels, avoid transactions prompted by urgency, and use trusted security solutions with anti-phishing protection when making digital payments during the festive season.

(Images: Unsplash)