Over a million online banking accounts were compromised in the past year, according to a Kaspersky report. With financial cyber threats rapidly evolving, it's more important than ever for users to adopt robust security measures and stay informed about the risks spreading across the digital realm.
Image: Freepik
A recent report by cybersecurity firm Kaspersky has unveiled alarming trends in the landscape of financial cybercrime, revealing that more than one million online banking accounts were compromised in the last year.
This escalation is attributed to a notable shift in financial threats towards credential theft, marking a significant departure from traditional malware practices.
The findings from Kaspersky’s latest report indicate a concerning uptick in the use of infostealers, malware designed specifically to harvest sensitive information such as login credentials, bank card details, and even crypto wallet seed phrases.
These malicious tools have surged, with detections rising globally by 59% in a single year.
In Africa specifically, infostealers compounded the risk of financial crime, showcasing a 53% increase from 2024 to 2025, as the sophistication of attackers evolves alongside user behaviour.
While traditional phishing scams persist, the data revealed a notable shift in target preferences.
Phishing pages imitating e-commerce platforms accounted for a dominant 48.5% of financial phishing incidents in 2025, a steep increase from the previous year.
Meanwhile, bank-related phishing dropped to 26.1%, suggesting that criminals may now see impersonating banks as a complex, often unproductive method of financing their acts of fraud.
This transition aligns with an observable regional pattern: in the Middle East, a staggering 85.8% of phishing efforts were concentrated on e-commerce, indicating a pronounced reliance on online retail schemes.
The Kaspersky report also highlighted the continual rise in mobile financial malware, with mobile attacks escalating by an astonishing 1.5 times compared to 2024.
This shift reflected an overarching trend where consumers increasingly manage their finances through mobile devices rather than traditional PCs, leaving them susceptible to emerging threats targeting these platforms.
It’s the dark web that has become a hub for these cybercrimes, as stolen credentials and payment details are compiled, repackaged, and sold in an underbelly marketplace that flourishes on the anonymity it provides. Kaspersky noted that 74% of payment cards compromised by infostealers remained valid as of March 2026, meaning that victims of these attacks could continue to be exploited for months or even years after their information was stolen.
Polina Tretyak, an analyst with Kaspersky’s Digital Footprint Intelligence division, said, “The dark web has become a central hub for financial cybercrime... data theft and fraud operations reinforce each other, making attacks scalable and easy to carry out by fraudsters with minimal experience.”
Tretyak said both businesses and individual users should adopt improved cybersecurity measures to counteract these pervasive threats.
To safeguard themselves, individual users are encouraged to avoid clicking on links from suspicious messages, ensure that they check website authenticity before entering sensitive information, and utilise multifactor authentication alongside strong, unique passwords.
Follow Business Report on Facebook, X and on LinkedIn for the latest Business and tech news.