Singapore – As cyber threats continue to increase, Kaspersky’s latest report found that more than 893 million phishing attempts globally were detected and blocked in 2024, indicating a 26% surge compared to the 710 million attacks recorded in 2023.
As noted in the report, the surge in attempts was on the rise between May and July, pointing to the period associated with holiday travel scams, including fake airline tickets, deceptive hotel reservations, and too-good-to-be-true offers.
A range of phishing and scam schemes were also observed, with attackers aiming to steal data and money and install malicious software. Experts reported these fraudulent websites mimicking brands such as Booking, Airbnb, TikTok, and Telegram, noting an ongoing campaign focusing on TikTok Shop users.
In addition, the report revealed cybercriminals creating fake login pages to capture the credentials of sellers. This extends to scammers trying to capitalise on trending news, orchestrating fraud schemes involving the hype topics, for example, the cryptocurrency game Hamster Kombat and TON wallets.
The use of fake celebrity endorsements for fraudulent prize giveaways was also a common scam in 2024, deceiving fans with false promises of valuable rewards. According to the cybersecurity firm, this trend carries on into 2025.
Kaspersky’s data further highlighted that both individuals and corporate users encountered malicious email attachments more than 125 million times in 2024.
Following this, they also pointed out cybercriminals using various tactics in email campaigns targeting businesses. These tactics involve sending emails with password-protected archives containing malicious content and SVG images disguised as harmless graphics, and many other schemes.
Attackers lured victims into clicking on malicious content through fake court appeals, fake deals, counterfeit official notifications and more.
Interestingly, spam made up 47% of all corporate email traffic in the past year, reflecting a 1.27 percentage point increase globally. While spam includes potential threats, much of it consists of unsolicited advertisements.
Experts also underscored the growing presence of promotions for AI tools, webinars, digital marketing services, and schemes for increasing online followers in corporate inboxes.
Talking about the report, Olga Svistunova, a security expert at Kaspersky, said, “While the core mechanics of phishing and scams remain unchanged, attackers constantly refine their disguises. They capitalise on trending news, hype-driven topics, and even combine branding from multiple companies on a single phishing page to enhance efficiencies of their campaigns. AI-driven tools help them to create highly convincing fake websites, making fraud harder to detect.”
“These evolving tactics pose a growing risk – not just to financial security but also to personal identity protection. As a result, vigilance and the use of robust cybersecurity solutions have never been more crucial,” Svistunova further explained.
Alongside these findings, Kaspersky also advised users to be more careful when opening emails to prevent themselves from becoming a victim of phishing, scams, or malicious messages. In particular, experts urged users to only open emails and click links if they trust the sender.
When a sender is legitimate, but the content of the message seems strange, Kaspersky also recommends users check with the sender first through other means of communication.
Additionally, they encourage checking the spelling of a website’s URL if you suspect they are faced with a phishing page. Experts further emphasised the use of a proven security solution when surfing the web.
