Phishing attacks increased by 40% in 2023

Kaspersky's anti-phishing system prevented over 709 million attempts to access phishing and scam websites in 2023, an increase of 40% compared to the previous year's figures. Messaging apps, artificial intelligence platforms, social media services and cryptocurrency exchanges were among the ways most commonly exploited by perpetrators to deceive users.

Kaspersky's annual analysis of the spam and phishing threat landscape showed a consistent trend for 2022: a significant increase in phishing threats. In 2023 this increase continued to escalate, exceeding 40% and reaching a staggering 709,590,011 attempts to access phishing links. Apart from a significant increase in phishing activity seen in May and June, the number of attacks increased steadily throughout the year. This trend could be linked to the start of the holiday season, during which fraudsters typically spread travel-related scams such as fake airline tickets, tours and tempting hotel offers.

The widespread integration of technologies that have GPT chats installed has offered sophisticated operators new opportunities for exploitation. However, perpetrators have not forgotten their traditional tactics. Major releases, events and premieres, such as Barbie and Wonka, have been tempting to phishers and scammers, whose fake websites tricked those who wanted to book the next big event early or at a discounted rate.

In addition, Kaspersky experts have noticed an increase in attacks spread by messaging platforms. Kaspersky's solutions prevented 62,127 redirection attempts via phishing and scam links on Telegram, a remarkable 22% increase year-on-year in such threats.

As in the previous year, the majority of attempts to redirect messengers via phishing and scam links were blocked by Kaspersky's solutions on devices owned by users in Russia. Brazil retained second place, doubling the number of phishing attacks blocked, followed by Turkey, India, Germany and Italy, where Telegram-based phishing also increased. Users from Mexico took seventh place this time, displacing Saudi Arabia from the top seven.

To avoid phishing scams, Kaspersky experts advise:

• Only open emails and click on links if you are sure you trust the sender.
• When the sender is legitimate but the content of the message seems strange, it is worth checking the sender via an alternative means of communication.
• Check the spelling of a website's URL if you suspect you are dealing with a phishing page. If so, the URL may contain errors that are difficult to spot at first glance, such as a 1 instead of an I or a 0 instead of an O.
• Use a certified security solution when surfing the web. Thanks to access to international threat intelligence sources, these solutions have the ability to detect and block spam and phishing attempts.