Pakistan phishing attacks surge 18% in 2024, Kaspersky reports

Pakistan experienced an 18% increase in phishing attempts in 2024, reflecting a troubling trend in the South Asian nation of 235 million where digital adoption has rapidly outpaced cybersecurity awareness, according to a report by Russian cybersecurity firm Kaspersky.

The spike in Pakistan, which exceeds the global average, comes as the country's burgeoning tech sector and expanding internet user base create new opportunities for cybercriminals, particularly during the May-July holiday season when travel-related scams flourish.

"While the core mechanics of phishing and scams remain unchanged, attackers constantly refine their disguises," said Olga Svistunova, a security expert at Kaspersky.

Svistunova added that cybercriminals are increasingly using AI-driven tools to create convincing fake websites, making fraud harder to detect and posing growing risks to both financial security and personal identity protection.

Globally, Kaspersky's security solutions blocked over 893 million phishing attempts in 2024 – a 26% increase from 2023, when the total stood at nearly 710 million.

Half of all emails in corporate inboxes are spam

Corporate users faced particular challenges as nearly half of all emails in business mailboxes – 47% of global traffic – were classified as spam, marking a 1.27 percentage point increase from the previous year. Cybersecurity experts noted that corporate spam trends prominently featured advertisements for AI solutions, related webinars, and follower-boosting schemes.

Both individuals and corporate users encountered malicious email attachments more than 125 million times in 2024.

Cybercriminals deployed sophisticated tactics that included password-protected archives containing malicious content and SVG images disguised as harmless graphics.

TikTok Shop sellers were targeted in an ongoing campaign where cybercriminals created fake login pages designed to steal credentials. Scammers also capitalized on cryptocurrency trends, orchestrating fraud schemes involving hyped topics such as the cryptocurrency game Hamster Kombat and TON wallets.

Fraudulent schemes frequently exploited fake celebrity images, falsely promoting giveaways of valuable prizes to fans.

To avoid becoming victims of phishing, scams, or malicious messages, Kaspersky advises users to verify the legitimacy of senders before opening emails or clicking links, and to check website URLs carefully for spelling errors that might indicate a phishing page.