In 2025, scammers most often forged the resources of messengers and banks.

In the first six months of 2025, almost 12,000 phishing resources disguised as well-known brands were identified and blocked on the Runet. Izvestia was told about this by the Coordination Center of the .RU/.RF domains.

There is a trick against hacking: how hackers crack passwords of Russians in seconds

Neural networks have simplified the work of cybercriminals

Most of all, according to their data, Telegram domains were forged — about 3.4 thousand fraudulent links. This is 3.6 times more than in the same period last year. WhatsApp also showed a significant 4-fold increase.

"Compared to the first half of 2024, the most noticeable trend was the growth of phishing attacks through messengers. Telegram rose from fifth to first place, and WhatsApp, which had not previously been in the top 10, immediately took the sixth place," they said.

The banking sector, marketplaces, and bulletin boards remain popular lures for phishing attacks. Among financial brands, fraudsters most often imitate Sber and Alfa-Bank, and in the e-commerce segment, Yulu and three marketplaces.

"This year, the Steam Community online platform also entered the top 10, which indicates the growing interest of scammers in the gaming audience. And brands such as Booking, SDEK, M.Video and BlaBlaCar, on the contrary, have lost popularity," the Domain Coordination Center added.

Read more in the exclusive Izvestia article:

Fake chasms: scammers actively fake the resources of messengers and banks