In 2023, Kaspersky’s advanced anti-phishing technology successfully blocked an unprecedented 709 million attempts by users to visit phishing and scam websites, registering a 40% surge in such incidents over the prior year. This notable increase underscores a growing trend in the digital landscape, where threat actors increasingly exploit platforms such as messaging apps, AI-driven services, social media, and cryptocurrency exchanges to conduct scams.
The annual review of spam and phishing activities conducted by Kaspersky highlighted an alarming rise in phishing attacks throughout 2022, a trend that not only persisted but significantly intensified in 2023. The data reveals a substantial 40% jump in phishing attempts, culminating in over 709 million instances where users were nearly misled by fraudulent links. A significant uptick in these malicious activities was particularly evident in May and June, likely tied to the beginning of the holiday season—a prime period for scammers to push travel-related frauds, including bogus airline tickets, tour packages, and hotel offers.
Technological advancements, especially those incorporating GPT-powered chat functionalities, have opened new doors for cybercriminals to exploit unsuspecting users. Nevertheless, traditional schemes centering around high-profile events, product launches, and movie premieres like Barbie and Wonka continue to attract victims into the snares of fake websites offering early or discounted access.
Messaging platforms have become a hotbed for phishing and scam operations, with Kaspersky’s technology intercepting 62,127 attempts to mislead users through Telegram, marking a 22% increase from the previous year. The data indicates a pattern where such fraudulent attempts predominantly targeted users in Russia, followed by Brazil—which saw a doubling in the number of such attacks—Turkey, India, Germany, and Italy. Interestingly, Mexico emerged as a new hotspot for these activities, replacing Saudi Arabia among the top countries affected by Telegram-based phishing attempts.
In order to avoid becoming a victim of phishing-based scams, Kaspersky experts advise the following:
- Only open emails and click links if you are sure you can trust the sender.
- When a sender is legitimate, but the content of the message seems strange, it is worth checking with the sender via an alternative means of communication.
- Check the spelling of a website’s URL if you suspect you are faced with a phishing page. If you are, the URL may contain mistakes that are hard to spot at first glance, such as a 1 instead of I or 0 instead of O.
- Use a proven security solution when surfing the web. Thanks to access to international threat intelligence sources, these solutions are capable of spotting and blocking spam and phishing campaigns.