Cybersecurity firm Kaspersky has indicated that over 1 million online banking accounts have now been compromised by so-called infostealers during the past year, as global cyberthreats shifted toward credential theft as well as data reuse. Kaspersky pointed out that attackers are moving away from traditional PC banking malware and relying more on sophisticated social engineering tactics as well as dark web marketplaces.
Kaspersky also revealed mobile financial malware continues to grow at a steady pace.
According to the report, traditional financial phishing has not actually gone away even in the AI age.
In fact, the research report has now revealed that pages that “mimicked e-shops dominated the financial phishing landscape (48.5% in 2025, up 10.3% from 2024), followed by banks (26.1% in 2025, down by 16.5% from 2024) and payment systems (25.5% in 2025, up by 6.2% from 2024).”
The decline in bank phishing may suggest that these services are becoming increasingly difficult “to successfully impersonate, and fraudsters are turning to easier ways to access users’ finances.”
Attackers are, for the most part, now seemingly adapting campaigns to regional digital consumer behavior . habits.
In the Middle East, financial phishing is said to be more concentrated on e-commerce (85.8%), indicating a significant “reliance on online retail lures, whereas in [other nearby regions] bank-related phishing leads (53.75%), which may indicate that user account security there is still insufficient.”
The LATAM region shows a more balanced distribution but with a relatively higher share of digital commerce (46.3%) and bank targeting (42.25%), while APAC and Europe display a more even spread “across all three categories, pointing to diversified attack strategies.”
The Kaspersky report has concluded that, as expected or anticipated, the distribution of detections of financial phishing tactics evolved.
During the past year, the decline in users impacted by financial PC malware continued as users increasingly depend on mobile devices to manage their money.
Contrary to PC banking malware, mobile banker attacks surged by as much as 1.5 times in the past year alone, when compared to the previous year.