Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Redazione RHC : 2 December 2025 07:10
This year, too, cybercriminals are taking advantage of seasonal shopping periods to spread phishing websites and fraudulent promotions, aiming to steal personal information and payment details . Gaming platforms remain a prime target throughout the year.
In Spain, this trend is also reflected in the latest Cyber Security Report 2024 published by the National Institute for Cyber Security (INCIBE).
According to this report, 2,122 cases related to fraudulent online stores were handled, in which users were redirected to websites imitating legitimate companies to steal personal or banking information. Additionally, the 017 cybersecurity helpline received 98,546 requests , 21.8% more than the previous year; of these, 33% were related to phishing attempts and almost 8% to online shopping scams .
These data reflect growing concern among Spanish consumers, as well as greater awareness: more than half of the requests were preventative, made before an accident occurred.
According to data from Kaspersky Security Network (KSN), between January and October 2025, the company blocked 6,394,854 phishing attempts impersonating online stores, banks, and payment systems, 48.2% of which targeted online shoppers directly.
Over the same period, Kaspersky identified more than 20 million attempted cyberattacks against gaming platforms, including 18.56 million that abused Discord.
Black Friday scam campaigns continue to pose a significant problem. In the first two weeks of November, Kaspersky detected 146,535 spam emails mentioning seasonal deals. Many campaigns reused templates seen in previous years, impersonating major retailers like Amazon, Walmart, and Alibaba and offering supposed early access discounts that directed victims to fraudulent websites.
There has also been a surge in phishing activity targeting entertainment platforms: in 2025, there were 801,148 attempts related to Netflix and 576,873 to Spotify.
Activity has expanded beyond e-commerce. In 2025, Kaspersky detected 2,054,336 phishing attempts impersonating gaming platforms such as Steam, PlayStation, and Xbox. Malware disguised as gaming software also saw a significant increase: 20,188,897 infection attempts were recorded, including 18,556,566 detected on Discord, more than fourteen times the 2024 figure.
“This year’s data shows that cybercriminals are increasingly operating across the entire digital ecosystem. They track users’ activities across shopping platforms, gaming services, streaming apps, and communication tools. They adapt their methods to integrate into familiar environments. For consumers, this makes constant vigilance and basic security guidelines essential, especially during periods of intense online activity,” said Olga Altukhova, Senior Web Content Analyst at Kaspersky .
It is advisable to follow some advice:
To take advantage of the best deals, it’s essential to protect yourself so that your purchases bring satisfaction and benefits, not financial losses or data breaches.
So there’s always one thing left to do: raise your risk awareness!
Redazione