Kaspersky reports that in 2025, cybercriminals continued to use seasonal shopping periods to distribute phishing pages and fraudulent promotions aimed at collecting personal and payment information.
Gaming platforms also remained a prominent target throughout the year.
Kaspersky Security Network (KSN) shows that from January through October 2025, the company blocked 6 394 854 phishing attempts impersonating online stores, banks, and payment systems, with 48,2% targeting online shoppers.
Over the same period, Kaspersky identified more than 20-million attempted attacks on gaming platforms, including 18,56-million abusing Discord.
Black Friday-related promotional campaigns continued to play a major role. In the first two weeks of November, Kaspersky detected 146 535 spam emails referencing seasonal sales, including 2 572 tied to Single’s Day promotions.
Many campaigns reused templates observed in previous years, imitating well-known retailers such as Amazon, Walmart and Alibaba, offering early-access discounts that direct users to fraudulent pages.
An extensive phishing activity abusing entertainment platforms was also detected, with 801 148 Netflix-themed and 576 873 Spotify-related attempts recorded in 2025.
Threat activity extended well beyond e-commerce. In 2025, Kaspersky detected 2 054 336 phishing attempts impersonating gaming platforms such as Steam, PlayStation, and Xbox. Malware disguised as gaming software saw significant activity as well: 20 188 897attempted infections were recorded, with Discord accounting for 18 556 566 detections, more than 14-times higher than in 2024.
“This year’s data shows that attackers increasingly operate across the full digital ecosystem,” says Olga Altukhova, senior web content analyst at Kaspersky. “They follow user activity across shopping platforms, gaming services, streaming apps, and communication tools, adapting their methods to blend into familiar environments.
“For consumers, this makes consistent vigilance and basic security hygiene essential, especially during periods of heightened online activity.”