Cybercriminals launch over 38m phishing attacks in 2024

LAHORE: In 2024, cybercriminals launched over 38 million phishing attacks, impersonating major marketplaces, banks and tech retailers, with stolen payment card data actively being traded on dark web forums.

Scammers frequently pose as well-known retailers, sending deceptive emails claiming to offer exclusive discounts. These emails lead to fake websites designed to closely resemble legitimate ones. Victims attempting to shop on these counterfeit sites often end up losing money.Another prevalent scam preys on consumers’ desire to win prizes. Fraudsters send messages promoting limited-time surveys with prize draws, promising valuable rewards like a free iPhone. To create a sense of urgency, they claim that only a few “chosen” users can access the deal, pressuring recipients to act quickly. Scammers typically request “basic information”, such as an email address, and encourage victims to spend money on a fake site. Kaspersky is closely monitoring the evolving landscape of shopping-related cyber threats. As shoppers prepare for major sales events during November and December in search of the best deals, cybercriminals and fraudsters are gearing up to exploit this demand, attempting to steal personal data, funds, and spread malware through deceptive shopping lures.

Between January and November 2024, Kaspersky solutions blocked 38,473,274 phishing attacks related to online shopping, payment systems, and banking institutions. This marks a significant 25 per cent increase over the same period last year. Of these attacks, 44.41 per cent targeted banking service users.

Kaspersky experts reveal that stolen data is either directly exploited by scammers or sold on dark web marketplaces. The value of the stolen data dictates its price. For example, comprehensive sets of stolen credit card details, known as ‘fullz’, typically include the card number, expiration date, CVV code, cardholder’s name, billing address, and phone number.

This year, dark web markets have begun adopting pricing strategies and marketing tactics similar to legitimate online retailers. Some even offer discounts and bundled deals, mimicking the seasonal sales found on mainstream websites.

To safely enjoy the best deals this sales season, experts recommend the following precautions: do not trust any links or attachments received via email or instant message. Always double-check the sender before opening them.

Review e-shop websites carefully before entering any information: check if the URL is correct, and look for any spelling errors or design flaws. Protect all devices used for online shopping with a reliable security solution. Set up payment notifications and regularly check their financial statements. If people notice anything suspicious, they should immediately contact their bank or credit card company.