Phishing Trends in 2023: Bank Scams Expand Beyond Card Data
During 2023, phishing campaigns targeting customers of Russian financial institutions surged by about 50 percent. This observation comes from Alexander Vurasko, head of the Solar Aura external digital threat monitoring service at Solar Group, as reported to socialbites.ca. The analysis underscores that phishing remains the primary route through which attackers deploy a range of tools, including intelligence software, malware, and remote access programs.
The most common phishing tactic identified in 2023 involved promotions or surveys that purportedly came from a bank. While the lure initially focused on gaining access to card details, attackers increasingly aimed to seize control of customers personal accounts. Disturbingly, roughly 8 percent of the phishing sites detected served as fronts for remote administration tools camouflaged as legitimate bank technical support offerings. This shift highlights a broader move from credential theft to account takeovers, enabling fraudsters to maneuver within victims wallets from the inside.
Experts note that such illicit resources can appear in seemingly ordinary contexts, including phone scams. In conversations with potential victims, criminals may steer individuals toward these deceptive sites, amplifying the risk of compromise during a single interaction. The ability to manipulate the trust built during a call makes the attack surface larger and more persuasive for casual users who may not scrutinize the destination of a link or the legitimacy of a support message.
According to Vurasko, the year 2023 saw cybercriminals increasingly avoid naming specific organizations in the domains they used. Earlier in the decade, these naming patterns were less common, but by 2023 their share rose to about two out of five phishing domains. This tactic reduces the obvious indicators that a site is counterfeit and complicates rapid identification by casual observers who rely on recognizable brand cues.
Another notable evolution involved a rise in malicious sites hosted on level three and level four domain structures. This trend challenges traditional detection methods that depend on simple domain-name analysis and predictable patterns. It calls for more resilient security measures capable of evaluating overall site behavior, infrastructure, and distributed hosting to distinguish legitimate banking domains from malicious copies at scale.
The current landscape also reveals an acceleration in the use of new AI driven chat interfaces by scammers. These tools assist fraudsters in crafting convincing messages and automating outreach at scale, enabling faster baiting and broader reach. In addition to direct banking fraud, romance and social engineering schemes have begun leveraging smart conversation agents to gain trust before steering victims toward fraudulent portals or social media traps. The convergence of AI tools with traditional social engineering broadens the threat matrix and demands renewed vigilance from both financial institutions and consumers. The emphasis remains on disrupting the early stages of a scam chain and preventing victims from crossing the point of no return, when personal information or access credentials are exposed. This evolving environment requires ongoing monitoring, improved domain analysis, and user education to reduce success rates for phishing campaigns as they adapt to new technologies and tactics.