Over 709 million attempts to access phishing and scam websites in 2023, have been thwarted by Kaspersky’s anti-phishing system, marking a 40% increase compared to the previous year’s figures. Messaging apps, artificial intelligence platforms, social media services, and cryptocurrency exchanges were among the pathways most frequently exploited by threat actors to scam users.
Kaspersky’s annual analysis of the spam and phishing threat landscape revealed a persistent trend for 2022: a marked increase in phishing attacks. This continued to escalate in 2023, surging by over 40%. Besides a significant spike in phishing activity observed in May and June, the number of attacks rose steadily throughout the year. This trend could be linked to the onset of the holiday season, during which scammers commonly propagate travel-related scams, such as counterfeit airline tickets, tours, and enticing hotel deals.
The widespread integration of technologies featuring built-in GPT chats has provided scammers with new avenues to exploit. However, attackers have not forgotten their time-honored tactics. High-profile releases, events, and premieres, such as Barbie and Wonka, remained irresistible to phishers and scammers, whose counterfeit websites ensnared those eager to access the next big thing ahead of schedule or at a discounted rate.
As in the previous year, the majority of redirection attempts in messengers via phishing and scam links were blocked by Kaspersky’s solutions on devices owned by users in Russia. Brazil maintained second place, doubling the number of blocked phishing attacks, followed by Turkey, India, Germany, and Italy, where Telegram-based phishing activity also grew. Users from Mexico took seventh place this time, displacing Saudi Arabia from the top seven.
“Phishing remains a prevalent threat in today’s digital landscape, constantly evolving to deceive unsuspecting users. Vigilance and skepticism are our strongest defenses against falling victim to these malicious schemes. Stay cautious, verify before you click, and protect your digital identity,” comments Olga Svistunova, security expert at Kaspersky.
In order to avoid becoming a victim of phishing-based scams, Kaspersky experts advise the following:
- Only open emails and click links if you are sure you can trust the sender.
- When a sender is legitimate, but the content of the message seems strange, it is worth checking with the sender via an alternative means of communication.
- Check the spelling of a website’s URL if you suspect you are faced with a phishing page. If you are, the URL may contain mistakes that are hard to spot at first glance, such as a 1 instead of I or 0 instead of O.
- Use a proven security solution such as Kaspersky Premium when surfing the web. Thanks to access to international threat intelligence sources, these solutions are capable of spotting and blocking spam and phishing campaigns.