Banking malware up 3x, crypto phishing jumps 83% – Are you at risk?

By Gloria Methri

Imagine checking your bank account only to find it wiped clean overnight. Or falling for what seemed like a legitimate crypto investment, only to realise it was an elaborate scam. In 2024, such scenarios became alarmingly common as financial cyberattacks skyrocketed.

A new Financial Cyberthreats report from Kaspersky reveals that mobile banking malware incidents surged 3.6 times compared to 2023, while cryptocurrency phishing attempts jumped by a staggering 83.4%. Cybercriminals refined their tactics, preying on unsuspecting users through sophisticated phishing scams and evolving malware threats.

Financial Phishing: A Growing Menace

Cybercriminals continued to exploit financial institutions and popular online brands to defraud users. Banks remained the top target for phishing attempts, accounting for 42.6% of attacks—up from 38.5% in 2023. Fraudsters leveraged fake websites mimicking major companies such as Amazon, Apple, and Netflix to steal user credentials and financial data.

Amazon was the most imitated brand in online shopping scams, appearing in 33.2% of fraudulent pages. Meanwhile, phishing attempts using Alibaba’s brand identity increased significantly, rising from 3.2% in 2023 to 8% in 2024. The shift indicates that cybercriminals are diversifying their tactics, targeting a broader range of platforms to deceive users.

Payment systems were also heavily exploited, representing 19.3% of financial phishing attacks. PayPal remained the most targeted brand, but its share of attacks declined from 54.7% to 37.5%. Conversely, fraud attempts targeting Mastercard nearly doubled, from 16.6% in 2023 to 30.5% in 2024. New entrants to the list included American Express and Cielo, replacing Visa, Interac, and PayPay.

Cryptocurrency Scams Reach New Heights

The meteoric rise of cryptocurrency usage also attracted cyber criminals. Kaspersky detected 10,706,340 crypto-related phishing attempts in 2024, an 83.4% jump from the previous year. With the increasing adoption of digital assets, phishing campaigns targeting crypto wallets and exchanges are expected to become even more prevalent.

While mobile malware incidents surged, financial malware targeting PCs saw a decline. The number of users affected by PC-based financial malware dropped from 312,453 in 2023 to 199,204 in 2024. However, attackers pivoted their focus from online banking to crypto asset theft, with banking Trojans like ClipBanker (62.9%), Grandoreiro (17.1%), and CliptoShuffler (9.5%) leading the charge.

Among the most affected countries were Turkmenistan (8.8%), Tajikistan (6.2%), Kazakhstan (2.5%), Switzerland (2.3%), and Kyrgyzstan (2.2%). Notably, Latin American nations such as Mexico, Argentina, Paraguay, and Uruguay also saw a significant number of malware incidents.

Mobile Banking Trojans: A Rising Threat

The number of users encountering mobile banking Trojans increased dramatically from 69,200 in 2023 to 247,949 in 2024, with attacks intensifying in the latter half of the year. The Mamont Trojan-Banker family was the most active, responsible for 36.7% of all mobile banking malware attacks. Cybercriminals employed elaborate social engineering tactics, including fake stores and fraudulent delivery tracking apps, to deceive users.

Türkiye remained the most targeted country for mobile banking malware, with attacks affecting 5.7% of users. Indonesia, India, Azerbaijan, Uzbekistan, and Malaysia also saw notable increases in malicious activity.

According to Olga Svistunova, Senior Web Content Analyst at Kaspersky, financial phishing and scams are becoming more sophisticated. “Fraudsters are increasingly leveraging fake brands and services to harvest user data. As mobile transactions grow, phishing attacks will become more personalised and exploit vulnerabilities in digital habits.”

To stay protected, Kaspersky recommends:

For Individuals:

• Use multi-factor authentication and strong, unique passwords.
• Avoid clicking on suspicious links and verify web pages before entering financial details.
• Install reliable security software to detect malware and phishing attempts.
• Download apps only from trusted sources and review app permissions carefully.

For Businesses:

• Regularly update software and security patches.
• Educate employees on cybersecurity best practices.
• Implement robust monitoring and cybersecurity solutions.
• Enforce strict security policies, such as default-deny policies and network segmentation.
• Leverage threat intelligence services to stay informed about emerging cyber risks.