Kaspersky has released its annual Financial Threats Report for 2023, offering a detailed analysis of the evolving financial cyberthreat landscape. The report reveals significant increases in mobile banking malware and cryptocurrency-related phishing, signaling growing threats to digital financial assets.
The previous 12 months has witnessed a substantial rise in the number of users encountering mobile banking Trojans, with attacks on Android users surging by 32% – contrary to 2022.
The most prevalent banking trojan was Bian.h, accounting for 22% of all Android attacks.
Geographically, Afghanistan, Turkmenistan, and Tajikistan recorded the highest share of users encountering banking Trojans, with Turkiye leading mobile banking malware attacks, with almost 3% of users affected (2.98%).
While the number of users affected by financial PC malware saw an 11% decline in 2023, Ramnit and Zbot were identified as the predominant malware families, targeting more than 50% of affected users. Consumers continued to be the primary target, comprising 61,2% of all attacks.
In 2023, financial phishing remained a significant threat, accounting for 27.32% of all phishing attacks on corporate users and 30.68% on home users. E-shop brands were identified as the top lure, with 41,65% of financial phishing attempts.
Additionally, PayPal phishing represented 54,78% of phishing pages targeting electronic payment system users. The report also highlighted a 16% year-on-year growth in cryptocurrency phishing, with 5,84-million detections in 2023 compared to 5,04-million in 2022.
E-shop phishing was identified as the most prevalent, recording 41.65% of all financial phishing pages. Amazon emerged as the most mimicked online store, accounting for 34% of phishing attempts, followed by Apple at 18,66% and Netflix at 14,71%. PayPal was the most targeted payment system, with 54,73% of attacks.
Cryptocurrency-related phishing and scams continued to grow, with Kaspersky preventing 5 838 499 attempts to follow cryptocurrency-themed phishing links – a 16% increase on 2022. Scammers mimicked cryptocurrency exchanges and offered coins in the name of large enterprises like Apple.
“Money has always been a magnet for cybercriminals, and a substantial portion of malware attacks are financially motivated,” comments Igor Golovin, a security expert at Kaspersky. “The surge in mobile malware witnessed last year highlights a concerning trend in cybercrime. With the emergence of new and aggressive malware strains, attackers are evolving their tactics to target mobile devices more aggressively.
“This underscores the imperative for individuals and businesses to maintain heightened vigilance, update protective measures, and fortify device security accordingly.”