 |
| Source: Kaspersky. An example of an administration panel through which stolen data is managed. |
Over 117 M phishing links were clicked in the Asia Pacific region from November 2024 to October 2025.
According to Kaspersky's research, 88.5% of phishing attacks targeted online account credentials, while 9.5% were focused on personal data such as names, addresses, and dates of birth. Just 2% were aimed at bank card information.
Once captured, these personal details are funnelled through specialised automated systems which help to manage large amounts of data. These systems are offered as a platform-as-a-service (PaaS) and are either created by the attackers themselves or based on legitimate frameworks for creating websites or apps.
Kaspersky Digital Footprint Intelligence stated that attackers consolidate stolen data into "dumps" – large batches of verified information – often priced on dark web forums at US$50 or less for bulk sales. Higher-value accounts fetch premium prices: cryptocurrency platforms average US$105, banking accounts – US$350, e-government portals – US$82.50, and personal documents – US$15.
Data is meticulously verified using scripts to check its validity across services and is then combined into comprehensive "digital dossiers" that enhance its worth for targeted attacks, such as whaling schemes against high-profile individuals.
"Stolen data evolves into a persistent weapon for cybercriminals. By leveraging open-source intelligence and old breach data, attackers can craft highly personalised scams, turning one-time victims into long-term targets for identity theft, blackmail, or financial fraud," said Olga Altukhova, Security Expert at Kaspersky.
To mitigate these risks, Kaspersky recommends users:
- Block compromised bank cards by contacting your financial institution
- Change passwords across accounts that are suspected of compromise using unique combinations and enable multifactor authentication (MFA) wherever possible
- Review active sessions in messaging apps, online banking, and other services
- Utilise trusted security solutions to protect your devices and monitor for data leaks
