Kaspersky: A massive phishing wave exceeding 6 million attempts during shopping seasons 2025

Khadamaty-New

Kaspersky has released new cybersecurity data revealing a sharp rise in online threats targeting both global shoppers and gamers throughout 2025. According to the Kaspersky Security Network (KSN), cybercriminals continued to exploit major shopping seasons and high-traffic digital platforms to steal personal and payment information.

Between January and October 2025, Kaspersky blocked 6,394,854 phishing attempts impersonating online stores, banks, and payment services. Nearly half of these attacks—48.2%—specifically targeted online shoppers. The company also recorded more than 20 million attempted attacks on gaming platforms, with 18.56 million tied to malicious activity abusing Discord.

Seasonal Sales Fuel Surge in Shopping Phishing

As Black Friday and Single’s Day approached, attackers intensified their campaigns. In the first half of November alone, Kaspersky detected 146,535 spam emails linked to holiday promotions, including 2,572 referencing Single’s Day. Many reused templates from previous years, posing as trusted retailers such as Amazon, Walmart, and Alibaba, and luring users with early-access discounts leading to fraudulent websites.

Threat actors also extended their activity across the entertainment sector. In 2025, Kaspersky recorded 801,148 Netflix-themed and 576,873 Spotify-related phishing attempts—highlighting the growing trend of impersonating streaming platforms.

Gaming Platforms Face Billions in Threat Activity

Beyond e-commerce, gaming platforms remained a major target. Kaspersky detected 2,054,336 phishing attempts impersonating popular services including Steam, PlayStation, and Xbox. Malware disguised as gaming software surged as well, with 20,188,897 attempted infections. Discord-related detections accounted for the vast majority—18,556,566 attempts—marking an increase of more than fourteenfold compared to 2024.

“This year’s data shows that attackers increasingly operate across the full digital ecosystem,” said Olga Altukhova, Senior Web Content Analyst at Kaspersky. “They follow user activity across shopping platforms, gaming services, streaming apps, and communication tools, blending into familiar environments. For consumers, heightened vigilance and basic digital hygiene are essential—especially during peak online activity.”

Enhanced Protection for Safe Online Shopping

Kaspersky emphasized the importance of proactive security as consumers search for seasonal deals. Kaspersky Premium uses advanced detection technologies to identify fraudulent online stores by analyzing website characteristics and URLs. The product recently earned an ‘Approved’ certification from AV-Comparatives for its strong fake-shop detection performance.

More information is available on Securelist.com.

Kaspersky’s Safety Recommendations for Black Friday and Beyond

Avoid clicking unfamiliar links or attachments; always verify the sender.

Double-check e-commerce websites for accurate URLs, spelling, and design consistency.

Research unfamiliar retailers before making purchases.

Review banking or credit card statements frequently and report suspicious charges immediately.