-
Fake shopping pages now lead to phishing attacks, pages mimicking online stores made up 48.5 per cent of global financial phishing attacks last year, up sharply from the previous year, while fake bank pages dropped to 26.1 per cent.
-
Infostealer malware compromises millions of devices, nearly 26 million Windows devices suffered infostealer infections a few years ago, with stolen banking credentials and payment cards circulating freely on dark web marketplaces.
-
The Middle East faces the highest risk, The region sees 85.8 per cent of financial phishing attacks targeting e-commerce platforms, driven by rapid digital retail growth and high mobile shopping adoption.
Cybercriminals have changed their playbook. Instead of creating fake bank websites, hackers now focus more on tricking online shoppers. A new report from Kaspersky, a global cybersecurity firm, shows that fake online store pages made up nearly half of all financial phishing attacks worldwide last year.
The shift marks a sharp change in hacker strategy. Attackers now exploit the growing popularity of digital shopping rather than going after bank customers directly. The Kaspersky report on Financial Threat reveals that certain pages imitating online stores represented about 48.5% of financial phishing attacks globally last year, jumping 10.3% points from the previous year. In contrast, phishing pages impersonating banks dropped to just 26.1 per cent.
This trend hits the Middle East especially hard. The report found that 85.8 per cent of financial phishing activity in the region now targets e-commerce platforms. The rapid growth of digital retail in Gulf countries, backed by high smartphone use and government digital economy plans, creates more opportunities for criminals. The UAE leads the world in mobile shopping – it tops with 67 per cent of consumers using their phones for purchases, according to a Visa report.
Hackers Use ‘Infostealer’ Malware to Steal Login Details
In addition to fake e-commerce sites, cybercriminals are increasingly turning to the use of an infostealer program to steal bank accounts, username/password combinations, and other forms of electronic money (such as cryptocurrency) from infected systems.
Kaspersky’s Digital Footprint Intelligence team reported a sharp increase in the occurrence of infostealer infections two years ago (59% overall, 26% in the Middle East).
The report noted that in the past few years, approximately 26 million Windows-based computers around the globe were infected with infostealer malware. As a result, approximately 7% of all infected systems have had a legitimate credit card number taken.
Criminals buy and sell stolen data on dark web markets. As of last year, over 1 million online bank accounts from the top 100 banks in the world (measured by volume of accounts) were compromised by infostealers.
Even worse, 74% of the compromised credit/debit card numbers available on the underground markets were still valid as of March this year – this means that attackers could utilize stolen data from the original source for months after the breach occurred.
Dark Web Creates a Self-Sustaining Fraud Ecosystem
The hidden part of the Internet now serves as a central hub for financial cybercrime. Criminals aggregate stolen credentials and bank cards there, repackage the data, and sell it to other fraudsters. Phishing kits targeting financial product users also appear as ready-to-use services on these platforms.
This setup creates a self-sustaining ecosystem and environment where stealing of data and fraudulent activities reinforce each other. The system makes attacks easy and scalable to carry out – this is for fraudsters who have minimal experience. INTERPOL recently took action against this growing threat.
In Operation Secure, law enforcement from 26 countries arrested over 30 suspects linked to infostealer malware and took down more than 20,000 malicious IP addresses and domains. The operation identified over 216,000 victims so they could change passwords and secure their accounts.
Mobile Users Face Rising Risks from Banking Malware
As consumers adopt the evolving digital changes and shift their shopping and banking to mobile devices, cybercriminals have followed closely behind. The Kaspersky report reveals that mobile banking malware attacks rose by 1.5 times last year, but traditional PC-based financial malware continued to decline. Hackers now create and use fake shopping pages, especially for mobile screens, this approach makes them harder to spot.
Although many consumers believe they are safer using their mobile devices to shop, this mistaken belief may actually increase the chances of falling victim to these types of criminal activities.
Some criminals send out text messages containing fake order tracking links, and others create fake Shopping Software Apps that pose as legitimate. If you enter your credit or debit card information into one of such platforms, the criminal will have everything they need to commit identity theft by obtaining your funds.
The same social engineering tactics are used in geopolitical phishing campaigns, hackers linked to China have been sending fake war news to targets in Qatar, proving that whether the lure is a fake shopping deal or a breaking news alert, the goal is the same: to get you to click and install malware.
Security experts advise online shoppers to follow security measures, verify website addresses before entering payment details, enable two-factor authentication on all accounts, and avoid clicking suspicious links in emails or messages claiming amazing discounts.
Also, they should use official stores, such as Google Play or Apple’s App Store to download online apps, not third-party websites.
