New analysis highlights the scale and downstream impact of phishing activity in the APAC region, where more than 117 million phishing links were recorded in 2025. Phishing remains a widely used cybercrime method, with attackers directing users to fraudulent websites to obtain login credentials, personal details, and payment information.

The findings trace how stolen data is collected, processed, and traded in underground markets. Most phishing activity targeted online account credentials (88.5%), followed by personal information such as names and dates of birth (9.5%), and bank card data (2%). Once obtained, the information is processed through automated systems used to organize and validate large datasets.

Stolen data is often bundled into verified batches, or “dumps,” and sold on underground forums, typically for under $50 in bulk. Certain categories command higher prices, including cryptocurrency accounts, banking credentials, e-government access, and personal documents. Data is frequently verified and combined into detailed profiles that can be reused for targeted fraud, identity theft, or financial crimes long after the initial compromise.

Security experts note that previously stolen data can be repurposed using publicly available information to create more convincing and personalized attacks over time.

To reduce potential impact, users are advised to block compromised bank cards, update affected passwords using unique credentials, enable multi-factor authentication where available, review active account sessions, and monitor devices and accounts for signs of data exposure.

Join the community of 2M+ industry professionals.

Subscribe to Newsletter to get latest insights & analysis in your inbox.

All about ETCISO industry right on your smartphone!