Kaspersky: 88.5 Percent of Phishing Attacks Target Online Account Credentials
JAKARTA - Kaspersky analyzed phishing and fraud campaigns from January-September 2025 and found that 88.5% of attacks aimed to obtain credentials for various online accounts.
Another 9.5% targeted personal data such as name, address, and date of birth, while 2% focused on bank card details.
Kaspersky research shows that most phishing pages send stolen information via email, Telegram bots, or an attacker-controlled panel, before illegally entering the Kembali sales channel.
According to the global cybersecurity company, the average price in 2025 ranges from 0.90 US dollars (Rp15 thousand) for global internet portals to 105 US dollars (Rp1.7 million) for crypto platforms and 350 US dollars (Rp5.8 million) for online banking access.
Personal documents such as passports or identity cards are sold for an average price of around 15 US dollars (Rp252 thousand), depending on the age of the account, balance, connected payment method, and security settings.
To reduce the risks associated with phishing, users should follow some security recommendations:
Don't trust links or attachments received via email or messages Double-check websites before entering any personal or financial information Review banking and card statements regularly and report suspicious transactions If account credentials are stolen, change the password for the affected account Use advanced security solutions Enable multi-factor authentication for all accounts Check the account login history and active sessions regularly If your messaging or social media account is hacked, let your contacts know that fake messages may be sent on your behalf.