According to Kaspersky’s new report, more than 1 million online banking accounts were compromised by infostealers in 2025. Financial cyberthreats have shifted toward credential theft and the reuse of data. Attackers are turning to social engineering and dark web marketplaces. Mobile financial malware, meanwhile, continues to grow.

Traditional financial phishing has not disappeared. According to 2025 data, pages imitating online stores dominated the financial phishing landscape with a rate of 48.5%. This represents an increase of 10.3% compared to 2024. Fraud conducted through this method occurred at rates of 26.1% in banking and 25.5% in payment systems. A decline was observed in bank phishing compared to 2024. The reason is thought to be that these services are becoming increasingly difficult to imitate and that fraudsters are turning to easier ways to access users’ finances.

According to Kaspersky, E-Commerce Fraud Is at Its Peak in the Middle East

According to the Kaspersky report, attackers are now adapting their campaigns according to regional digital habits. In the Middle East, financial phishing is overwhelmingly concentrated on e-commerce with a rate of 85.8%. This shift is particularly important for Gulf Cooperation Council markets such as the UAE, where e-commerce penetration and digital payments have expanded rapidly in recent years, supported by high smartphone usage and government-backed digital economy strategies.

In Africa, bank-related phishing is leading at 53.75%. Latin America shows a more balanced distribution, but the share of targeting e-commerce and banks is higher. APAC and Europe, meanwhile, display a structure more evenly distributed across all three categories; this points to diversified attack strategies.

“The Dark Web Has Become a Central Hub for Financial Cybercrime”

Polina Tretyak, a Kaspersky Digital Footprint Intelligence analyst, noted the following regarding the data in the report: “The dark web has become a central hub for financial cybercrime. Stolen credentials and bank cards harvested by infostealers are aggregated, repackaged and sold there, while phishing kits targeted at users of financial products are offered as ready-to-use services. This creates a self-sustaining ecosystem where data theft and fraud operations reinforce each other, making attacks scalable and easy to carry out even by fraudsters with minimal experience. Breaking this cycle requires proactive threat intelligence on the side of organisations and greater awareness and caution on the side of individual users.”

Kaspersky Report: Malicious Tools Increased by 59% Globally

Some of the notable data in Kaspersky’s new report are as follows;

• Financial phishing attacks in the Middle East are now increasingly targeting online shoppers rather than bank customers. More than 85% of these scams are now linked to fake e-commerce platforms.
• Malicious tools showed a major rise, and detections increased by 59% globally in just one year.
• While traditional phishing scams continue, the data revealed a notable shift in target preference.
• Mobile attacks showed a striking increase of 1.5 times compared to 2024.
• The dark web has become a hub for cybercrime. This is because stolen credentials and payment details are compiled and sold in the underground marketplace of the dark web.
• 74% of payment cards compromised by infostealers remained valid as of March 2026.
• Consumers now manage their finances more on mobile devices. For this reason, while traditional PC-based financial malware continues to decline, mobile banking malware attacks increased by 1.5 times in 2025.
• Globally, detections of infostealers increased by 59% between 2024 and 2025, including a 26% rise in the Middle East, and this reveals the growing scale of credential-based cybercrime in the region.

Install a Security Solution to Protect Against Fake E-Stores and Phishing Pages

Kaspersky offers the following recommendations to individuals and businesses for protection against cyberattacks and for cybersecurity:

For Individuals:

• Do not click on links in suspicious messages.
• Double-check web pages before entering your credentials or bank card information.
• Use multifactor authentication wherever possible.
• Create strong and unique passwords and store them securely in a password manager.
• Install a reliable security solution to protect against fake e-stores and phishing pages.

For Businesses:

• Review the entire infrastructure with experts. Eliminate vulnerabilities and consider external experts for new perspectives that can uncover hidden risks.

Use integrated platforms that provide rapid detection and rapid response to monitor and control all attack vectors across the organisation.