Kaspersky has observed a sharp rise in phishing and gaming-related cyberthreats in 2025, driven largely by seasonal shopping campaigns and the growing use of entertainment platforms. The company found that cybercriminals continued to exploit major online sales events to lure users into fraudulent sites designed to steal personal and payment information.
Between January and October 2025, Kaspersky Security Network recorded 6,394,854 blocked phishing attempts that impersonated online retailers, banks, and payment providers. Nearly half of these attempts targeted online shoppers, reflecting how heavily criminals rely on the year’s most active e-commerce periods to deceive users. During the same period, Kaspersky identified more than 20 million attempted attacks on gaming platforms, including a significant concentration of cases linked to Discord.
Black Friday and Single’s Day remained strong catalysts for malicious activity. Over the first two weeks of November alone, Kaspersky detected 146,535 spam emails referencing seasonal promotions, with 2,572 linked to Single’s Day offers. Many of these emails reused templates from previous years and mimicked well-known global retailers such as Amazon, Walmart, and Alibaba. These emails often promised early access to exclusive deals but instead directed recipients to fraudulent pages.
Expanding focus on entertainment and gaming platforms
Cybercriminal activity surged beyond traditional e-commerce sites, extending into entertainment and gaming services. In 2025, Kaspersky recorded 801,148 phishing attempts linked to Netflix and 576,873 attempts tied to Spotify. These campaigns used familiar branding to entice users into entering account details on malicious sites.
Gaming platforms were also targeted heavily. Kaspersky reported 2,054,336 phishing attempts impersonating leading gaming services, including Steam, PlayStation, and Xbox. Malware disguised as gaming software showed notable activity throughout the year, with 20,188,897 attempted infections detected. Discord accounted for the vast majority of these cases, with 18,556,566 detections, marking a rise of more than 14 times compared to 2024.
Olga Altukhova, Senior Web Content Analyst at Kaspersky, highlighted how attackers increasingly follow user behaviour across the entire digital landscape. “This year’s data shows that attackers increasingly operate across the full digital ecosystem,” she said. “They follow user activity across shopping platforms, gaming services, streaming apps, and communication tools, adapting their methods to blend into familiar environments. For consumers, this makes consistent vigilance and basic security hygiene essential, especially during periods of heightened online activity.”
Strengthening consumer protection
Kaspersky emphasised the importance of digital vigilance as users navigate seasonal promotions. The company noted that its Kaspersky Premium service includes detection technology that analyses website characteristics and URLs to identify suspicious elements. The solution recently received an “Approved” certification in AV-Comparatives’ Fake Shops Detection assessment, recognising its performance in blocking fraudulent online store activity.
The company encouraged users to practise basic security hygiene when browsing or shopping online, such as verifying links, checking website addresses for errors, reviewing retailer reputations, and monitoring bank statements regularly for any unauthorised activity.
Kaspersky continues to warn that despite improved digital defences, many consumers only discover fraud when reviewing their financial statements. The company advises immediate action if any suspicious transactions are identified.
