Kaspersky reports phishing attacks grew by 40 percent in 2023

Woburn, MA – March 7, 2024 – Kaspersky's anti-phishing system thwarted over 709 million attempts to access phishing and scam websites in 2023, marking a 40 percent increase compared to the previous year's figures. Messaging apps, artificial intelligence platforms, social media services, and cryptocurrency exchanges were among the pathways most frequently exploited by threat actors to scam users.

Kaspersky’s previous annual analysis of the spam and phishing threat landscape revealed a persistent trend for 2022: a marked increase in phishing attacks. The trend continued in 2023, with attacks surging by over 40 percent, reaching a staggering 709,590,011 attempts to access phishing links. Besides a significant spike in phishing activity observed in May and June, the number of attacks rose steadily throughout the year. Scammers commonly propagated travel-related scams, such as counterfeit airline tickets and fake hotel deals.

The widespread integration of technologies featuring built-in GPT chats has provided scammers with new avenues to exploit. However, attackers have not forgotten their time-honored tactics. High-profile releases, events, and premieres, such as Barbie and Wonka, remained irresistible to phishers and scammers, whose counterfeit websites ensnared those eager to access the next big thing ahead of schedule or at a discounted rate.

Additionally, Kaspersky experts observed a surge in attacks spread via messaging platforms. Kaspersky solutions thwarted 62,127 attempts to redirect via phishing and scam links on Telegram, a notable 22% increase in such threats from the year before.

As in the previous year, the majority of redirection attempts in messengers via phishing and scam links targeted users in Russia. Brazil maintained second place, doubling the number of blocked phishing attacks from the previous year, followed by Turkey, India, Germany, and Italy, where Telegram-based phishing activity also grew. Users from Mexico took seventh place this time, passing Saudi Arabia.

"Phishing remains a prevalent threat in today's digital landscape, constantly evolving to deceive unsuspecting users,” said Olga Svistunova, security expert at Kaspersky. “Vigilance and skepticism are our strongest defenses against falling victim to these malicious schemes. Stay cautious, verify before you click, and protect your digital identity.”

To learn more about phishing threat landscape, visit Securelist.com.

In order to avoid becoming a victim of phishing-based scams, Kaspersky experts advise the following:

·       Only open emails and click links if you are sure you can trust the sender.

·       When a sender is legitimate, but the content of the message seems strange, it is worth checking with the sender via an alternative means of communication.

·       Check the spelling of a website’s URL if you suspect you are faced with a phishing page. If you are, the URL may contain mistakes that are hard to spot at first glance, such as a 1 instead of I or 0 instead of O.

·       Use a proven security solution when surfing the web. Thanks to access to international threat intelligence sources, these solutions are capable of spotting and blocking spam and phishing campaigns.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and specialized security solutions and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help over 220,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.