See you in the afterlife: Kaspersky reveals the journey of stolen data after phishing attacks
According to new data from Kaspersky, over 117 million phishing links were clicked in the APAC region in 2025[1] – all of which were detected and blocked by Kaspersky solutions. Not everyone uses protective solutions on their devices, however, and phishing remains one of the most prevalent cyber threats, with attackers luring users to fake
By Staff Writer
According to new data from Kaspersky, over 117 million phishing links were clicked in the APAC region in 2025[1] – all of which were detected and blocked by Kaspersky solutions.
Not everyone uses protective solutions on their devices, however, and phishing remains one of the most prevalent cyber threats, with attackers luring users to fake websites where they unwittingly surrender their login credentials, personal information, or bank card details.
Kaspersky experts traced the data stolen in phishing attacks, highlighting how cybercriminals use this data on underground markets.
The analysis uncovers the tools and processes used to collect, verify, and monetize stolen credentials, personal data, and financial information, highlighting the enduring risks to victims years after the initial breach.
According to Kaspersky’s findings, a staggering 88.5 percent of phishing attacks targeted online account credentials, 9.5 percent were focused on personal data such as names, addresses, and dates of birth, and 2 percent were aimed at bank card information.
Once captured, these personal details are funneled through specialized automated systems, which help to manage large amounts of data.
These systems are offered as a Platform-as-a-Service (PaaS) and are either created by the attackers themselves or based on legitimate frameworks for creating websites or apps.
According to Kaspersky Digital Footprint Intelligence, attackers consolidate stolen data into “dumps” or large batches of verified information, often priced on dark web forums at US$50 or less for bulk sales.
Higher-value accounts fetch premium prices: cryptocurrency platforms average US$105, banking accounts – US$350, e-government portals – US$82.50, and personal documents – US$15.
Data is meticulously verified using scripts to check its validity across services and is then combined into comprehensive “digital dossiers” that enhance its worth for targeted attacks, such as whaling schemes against high-profile individuals.
“Stolen data evolves into a persistent weapon for cybercriminals. By leveraging open-source intelligence and old breach data, attackers can craft highly personalized scams, turning one-time victims into long-term targets for identity theft, blackmail, or financial fraud,” comments Olga Altukhova, security expert at Kaspersky.
To mitigate these risks, Kaspersky recommends users:
- Block compromised bank cards by contacting your financial institution.
- Change passwords across accounts that are suspected of compromise using unique combinations and enable multi-factor authentication (MFA) wherever possible.
- Review active sessions in messaging apps, online banking, and other services.
- Utilize trusted security solutions to protect your devices and monitor for data leaks.
The full report is available on Securelist.
[1] From November 2024 to October 2025.
Article Information
Comments (0)
LEAVE A REPLY
No comments yet
Be the first to share your thoughts!
