Cybersecurity Threats on the Rise: Phishing Attempts and Malicious Email Campaigns

In 2024, cybersecurity firm Kaspersky reported a significant increase in phishing attempts worldwide, with a 26% rise compared to the previous year. Cybercriminals continued to exploit well-known brands such as Booking, Airbnb, TikTok, and Telegram to steal credentials or install malware. Additionally, users encountered over 125 million attacks involving malicious email attachments. Every second email in corporate mailboxes was spam, highlighting the growing threat of cybercrime.

Phishing Attempts and Scam Schemes

Kaspersky’s security solutions blocked over 893 million phishing attempts in 2024, a substantial increase from the 710 million attempts blocked in 2023. The surge in attempts between May and July is traditionally tied to the holiday season, when fraudsters frequently try to lure travelers with scams involving fake airline and hotel bookings, deceptive tour packages, and too-good-to-be-true offers.

Experts observed a range of phishing and scam schemes aimed at stealing data, money, and installing malicious software. Cybercriminals often mimicked the websites of well-known brands, creating fake login pages designed to steal sellers’ credentials. For example, one ongoing campaign targeted TikTok Shop users, while scammers also capitalized on trending news, orchestrating fraud schemes involving hyped topics such as cryptocurrency games and TON wallets.

Examples of Phishing and Scam Schemes

• Fake celebrity images were used to promote giveaways of valuable prizes to fans that were never delivered.
• Fraudulent schemes involved fake airline and hotel bookings, deceptive tour packages, and too-good-to-be-true offers.
• Cybercriminals created fake login pages designed to steal sellers’ credentials on platforms like TikTok Shop.

Spam and Malicious Email Campaigns

According to Kaspersky data, both individuals and corporate users encountered malicious email attachments over 125 million times in 2024. Cybercriminals used various tactics in email campaigns targeting businesses, including sending emails with password-protected archives containing malicious content and SVG images disguised as harmless graphics. Nearly every second email in a corporate mailbox (47% of global traffic) was spam, marking a 1.27 percentage point increase from the previous year.

Advice from Kaspersky Experts

To avoid becoming a victim of phishing, scam, or malicious messages, Kaspersky experts advise the following:

1. Only open emails and click links if you are sure you can trust the sender.
2. When a sender is legitimate, but the content of the message seems strange, it is worth checking with the sender via an alternative means of communication.
3. Check the spelling of a website’s URL if you suspect you are faced with a phishing page.
4. Use a proven security solution when surfing the web, as these solutions are capable of spotting and blocking spam and phishing campaigns.

Conclusion

The evolving tactics of cybercriminals pose a growing risk to financial security and personal identity protection. Vigilance and the use of robust cybersecurity solutions have never been more crucial. By being aware of the latest phishing and scam schemes, individuals and businesses can take steps to protect themselves from these threats.

Published On Feb 21, 2025, at 09:52 AM IST

Join the community of 2M+ industry professionals by subscribing to our newsletter to get the latest insights and analysis. Download the ETCISO App to get real-time updates and save your favorite articles.