Phishing attacks in Pakistan rise 18% in 2024: report

By Our Correspondent
February 27, 2025
A representational image of a hacker carrying out a cyber attack. — Orfonline/File
A representational image of a hacker carrying out a cyber attack. — Orfonline/File

LAHORE: Pakistan recorded an 18 per cent increase in phishing attempts in 2024 compared to the previous year, with cybercriminals ramping up attacks during the holiday season to exploit unsuspecting users with fraudulent offers.

According to data released by cybersecurity firm Kaspersky, phishing attempts worldwide surged 26 per cent in 2024, with the company blocking over 893 million attacks -- up from nearly 710 million in 2023. Every second email in corporate mailboxes was classified as spam, as cybercriminals increasingly impersonated well-known brands like Booking[dot]com, Airbnb, TikTok, and Telegram to steal credentials or spread malware. Users encountered more than 125 million attacks involving malicious email attachments last year.

Pakistan mirrored global trends, registering an 18 per cent rise in phishing attempts. The sharpest surge was observed between May and July, a period traditionally associated with travel scams, including fraudulent airline and hotel bookings, deceptive tour packages and unrealistic discounts.

One ongoing campaign targeted TikTok Shop users, with hackers setting up fake login pages to steal seller credentials. Cybercriminals also capitalized on trending topics such as the cryptocurrency game Hamster Kombat and TON wallets to orchestrate fraud. Fake celebrity endorsements were another major avenue of deception, luring victims with bogus giveaways that never materialised -- a trend that persists in 2025.

Kaspersky reported that both individual and corporate users encountered malicious email attachments more than 125 million times in 2024. Attackers deployed various tactics, including sending password-protected archives containing malware, embedding malicious content within SVG images disguised as harmless graphics, and distributing phishing emails that mimicked court notices, official alerts, and fake promotional offers.

Spam remained a persistent issue, accounting for 47 per cent of corporate email traffic -- a 1.27 percentage point increase from 2023. Fraudulent emails frequently promoted AI-related solutions, online marketing services, and follower-boosting schemes.