Local

Phishing Persists: Over 1 Million Bank Accounts Exposed via Infostealer Malware

Phishing Persists: Over 1 Million Bank Accounts Exposed via Infostealer Malware
Staff CorrespondentStaff Correspondent
Apr 16, 2026 22:59

Financial phishing remains highly active in the cyber landscape, with more than one million bank account credentials leaked through infostealer malware, according to global cybersecurity firm Kaspersky.

In its latest findings released on April 16, the company reported that fraudulent e-commerce websites accounted for the highest share of scams in 2025 at 48.5%, marking a 10.3 percentage point increase from the previous year. Meanwhile, banking phishing declined to 26.1%, while attacks targeting payment systems rose to 25.5%—indicating a shift by cybercriminals toward comparatively easier targets.

Regional trends show notable variation. E-commerce phishing was most prevalent in the Middle East (85.8%), banking phishing dominated in Africa (53.75%), while Latin America saw nearly equal targeting of e-commerce (46.3%) and banking (42.25%). In the Asia-Pacific (APAC) region and Europe, attack patterns were more diverse.

Analysis of financial malware trends suggests that as users increasingly adopt mobile banking, traditional PC-based attacks have slightly declined. However, mobile banking-targeted attacks surged by 1.5 times in 2025. Infostealer malware has emerged as a key tool in financial cybercrime, capable of harvesting login credentials, bank card data, and cryptocurrency wallet information for fraudulent use. In APAC alone, PC-based credential theft rose by 132% compared to the previous year.

According to Kaspersky, more than one million online accounts from the world’s top 100 banks were compromised and circulated on the dark web in 2025, with India, Spain, and Brazil among the hardest-hit countries. Alarmingly, 74% of stolen payment cards remained active as of March 2026.

Paulina Tretiak, a Digital Footprint Intelligence analyst at Kaspersky, noted that the dark web has become a central hub for financial cybercrime. Stolen data from infostealers is aggregated, repackaged, and sold, with ready-made phishing kits also available—lowering the barrier for new cybercriminals. She emphasized that organizations must strengthen proactive threat intelligence, while users need to remain vigilant.

To stay secure, Kaspersky recommends using strong passwords, enabling multi-factor authentication (MFA), avoiding suspicious links, and relying on trusted security software. Organizations, on the other hand, are advised to reinforce IT infrastructure, adopt integrated security platforms, and conduct continuous dark web monitoring.

DBTech/SM/EK/OR

Tags:

পূর্ববর্তী সংবাদ

HC Stays BTRC Transfer Orders, Seeks Explanation Over Legality

পরবর্তী সংবাদ

Best Electronics Brings Aima, Luyan, Julong E-Bikes to Bangladesh Market