MUSCAT: Up to 80 per cent of cyberattacks conducted by online fraudsters were e-commerce scams, and over one million online banking accounts were compromised by infostealers last year, according to a report.
Financial cyber threats have shifted towards credential theft and data reuse. Attackers are moving away from traditional PC banking malware and increasingly relying on social engineering and dark web marketplaces. Mobile financial malware is also on the rise, as stated in the report published by Kaspersky.
Despite widespread campaigns and awareness programmes, traditional financial phishing methods are still prevalent. Pages imitating e-shops accounted for 48.5 per cent of financial phishing attempts in 2025, followed by banks at 26.1 per cent and payment systems at 25.5 per cent. The decline in bank phishing suggests that these services are becoming harder to impersonate successfully, leading fraudsters to seek easier ways to access users' finances.
Tariq bin Hilal al Barwani, a technologist and motivational speaker, commented on the report, emphasising the rapid growth of the regional e-commerce sector, particularly in Oman. “Oman's e-commerce market is flourishing due to high smartphone penetration (over 150 per cent) and government initiatives under Oman Vision 2040. With mobile payment volumes increasing eight-fold in the past two years, we are effectively combating cyberattacks on various e-commerce platforms through continuous awareness campaigns,” he said.
Oman’s e-commerce sector is projected to reach around $3.26 billion by the end of 2026 and is expected to grow to $4.62 billion by 2031. The market was valued at approximately $2.2 billion in early 2024, with a projected CAGR of 7.22 per cent from 2026 to 2031.
“Over 80 per cent of the population in Oman has internet access, and mobile shopping is popular, especially in categories like fashion, electronics and food service. The Ministry of Commerce, Industry and Investment Promotion (MoCIIP) has issued more than 3,300 e-commerce licenses by 2024, reflecting formalisation,” Al Barwani added.
In 2025, the decline in users affected by financial PC malware continued, as individuals increasingly rely on mobile devices for financial management. Mobile banker attacks grew by 1.5 times in 2025 compared to the previous year.
Polina Tretyak, an analyst at Kaspersky Digital Footprint Intelligence, highlighted the dark web as a central hub for financial cybercrime, where stolen credentials and bank cards are aggregated, repackaged and sold. Phishing kits targeting users of financial products are also readily available.
PROTECTION TIPS FOR E-COMMERCE ATTACKS
- Avoid following links from suspicious messages
- Double-check web pages before entering banking card details
- Use multifactor authentication where possible, create strong, unique passwords
- Install a reliable security solution to protect against fake e-shops and phishing pages
- Utilise advanced detection technology to analyse website characteristics and URLs
Oman Observer is now on the WhatsApp channel. Click here
