This analysis of the financial threat landscape marks the first time, since recording phishing attempts, that figures have reached over 50 percent

Woburn, MA – February 28, 2018 — / — According to Kaspersky Lab anti-phishing technologies, in 2017 over 246 million user attempts to visit different kinds of phishing pages were detected, with 54 percent being attempts to visit a financial-related website vs. 47 percent in 2016. This analysis of the financial threat landscape marks the first time, since recording phishing attempts, that figures have reached over 50 percent.

Financial phishing attacks are fraudulent messages which link to copycat websites that appear legitimate. They aim to gain users’ credentials for banking and credit accounts, and data to access online banking or money transfer accounts – all for the purpose of stealing the victims’ money afterwards. With 54 percent of phishing attacks taking this form, more than every second attack across the world is looking to steal a victims’ money.

In 2017, the share of all financial phishing categories – attacks against banks, payment systems and e-shops – grew by 1.2, 4.3, and 0.8 percentage points respectively and made up the top three categories in overall phishing attacks detected – for the first time.

The distribution of different types of financial phishing detected by Kaspersky Lab in 2017

Moreover, attacks related to the global internet portal category – which includes global search engines, social networks, etc. – fell from the second place in 2016 to fourth position in 2017 with a decrease in share of more than 13 percentage points. This shows that criminals show less interest in stealing these types of accounts and are now focusing on accessing money directly.

The data also reveals that Mac users are in increasing danger. Contrary to popular belief about the security of Mac devices, 31 percent of phishing attacks in 2016 against users of the platform were aimed at stealing financial data. The share peaked in 2017, reaching 56 percent.

“The increased focus cybercriminals have on conducting financial phishing attacks means that users need to remain extra vigilant,” said Nadezhda Demidova, lead web content analyst at Kaspersky Lab. “To get a hold of our money, fraudsters are constantly looking for new methods and techniques to trick us. We need to be just as determined to not let them succeed by constantly investing in cyber literacy.”

In order to protect themselves from phishing, Kaspersky Lab experts advise users to take the following measures:

  • Always check the legitimacy of the website when paying online. This includes https connections and the domain name belonging to the organization that you think you are paying.
  • Use a proven security solution with behavior-based anti-phishing technologies. This will make it possible to identify even the most recent phishing scams which haven’t been added yet to anti-phishing databases.

Other key findings in the report include:


  • In 2017, the share of financial phishing increased from 47 percent to 54 percent of all phishing detections. This is an all-time high according to Kaspersky Lab statistics for financial phishing.
  • More than every fourth attempt to load a phishing page blocked by Kaspersky Lab products is related to banking phishing.
  • The share of phishing related to payment systems and e-shops accounted for 16 percent and 11 percent accordingly in 2017. This is slightly more than in 2016.
  • The share of financial phishing encountered by Mac users grew nearly twice, accounting for approximately 56 percent.

Banking malware:

  • The number of users attacked with banking Trojans fell from 1,088,900 in 2016 to 767,072 in 2017, showing a decrease of 30 percent.
  • 19 percent of users attacked with banking malware were corporate users.
  • Users in Germany, Russia, China, India, Vietnam, Brazil and the United States are the countries most often attacked by banking malware.
  • Zbot is still the most widespread banking malware family (almost 33% of attacked users) being challenged by the Gozi family (28%).

Android banking malware:

  • In 2017 the number of users that encountered Android banking malware decreased by almost 15 percent to reach 259,828 worldwide.
  • Just three banking malware families accounted for attacks on the vast majority of users (over 70%).
  • Russia, Australia and Turkmenistan are the countries with the highest percentage of users attacked by Android banking malware.

To learn more about financial phishing and the other findings in the Financial Cyberthreats in 2017 report, read our blogpost on

About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at

Media Contact:
Denise Berard

Source: Kaspersky



Tags: ,