Nearly 900 million phishing attempts in 2024 while cyber threats continue to grow

Kaspersky security solutions blocked over 893 million phishing attempts in 2024 - an increase of 26% compared to 2023, when the total number was almost 710 million. This increase (as shown in the graph below) between May and July is traditionally associated with the holiday season, when scammers often try to lure travellers with scams that include fake airline and hotel bookings, misleading travel packages and offers that seem too good to be true.

Experts have observed a number of fraud and phishing schemes aimed at stealing data, money and installing malware. In 2024, cybercriminals often mimicked the websites of well-known companies such as Booking, Airbnb, TikTok, Telegram and others. A campaign now underway, for example, is targeting users of TikTok Shop. Cybercriminals have created fake login pages designed to steal sellers' details. The scammers also took advantage of current trends by organizing scams based on popular themes, such as the cryptocurrency game ‘Hamster Kombat’ and TON wallets.

In 2024, fraud schemes also made use of fake celebrity images, promoting fake competitions with valuable prizes for fans that were never delivered. This trend continued into 2025.

Spam and malicious email campaigns

According to Kaspersky data, both individuals and corporate users encountered

Cybercriminals used various tactics in email campaigns targeting businesses, experts observed. These included sending, via email, password-protected files containing malicious content, SVG images presented as simple graphics, and many other scams. Attackers lured victims into clicking on malicious content through fake court appeals, offers, official notices and more.

Almost every second email in companies' inboxes - 47% of global traffic - was spam, an increase of 1.27 percentage points compared to the previous year. While spam includes various email threats, such as those mentioned above, it is not always malicious and is mainly unsolicited advertising. Experts note that last year's corporate spam trends primarily include ads for artificial intelligence solutions, related webinars, online marketing services, ways to increase followers and more.

To avoid falling victim to phishing, scams or malicious emails, Kaspersky experts recommend the following:

• Only open emails and click on links if you definitely trust the sender.
• When the sender is valid, but the content of the message seems strange, it is better to check with the sender via an alternative means of communication.
• Check the spelling of a website's URL if you suspect you are on a phishing page. The URL may contain errors that are difficult to spot at first glance, such as 1 instead of I or 0 instead of O.
• Use a proven security solution when browsing the web. With access to international sources of threat intelligence, these solutions can detect and block spam and phishing campaigns.