The Digital Landscape of 2026: Financial Cyber Threats and WhatsApp Trojans
Financial cyber threats for 2026 will evolve towards more automated and professional attacks, including deepfake fraud and the emergence of region-specific info stealers.
Rise in Mobile Fraud and Messaging
Criminal groups will modify banking trojans for mass distribution via WhatsApp. In 2025, the global financial sector recorded over $1,338,357 attacks involving banking trojans, also demonstrating an increase in supply chain attacks, the use of stealers (like Lumma, Vidar, and Redline), and the adoption of blockchain for malicious activities.
Looking ahead to 2026, the cybersecurity company highlights six key trends that will redefine the digital risk landscape.
I. AI-Driven Malware and Regionalization
The emergence of AI-powered malware will allow attackers to analyze their environment in real-time and modify their behavior to achieve more effective infiltration and harder detection. Additionally, the appearance of info stealers designed to operate exclusively in certain regions or countries is anticipated. Although traditional fraud will persist, its propagation routes will change, adopting new messaging services to reach victims.
II. Deepfakes and Pre-infected Devices
The use of AI-generated fake videos and audio (deepfakes) will expand to impersonate identities, manipulate job interviews, and bypass identity verification processes (KYC), with significant growth in the black market for these tools. Another latent risk is the continued sale of smart devices (phones, TVs, gadgets) that come pre-infected with advanced trojans like Triada from the factory, even before being turned on for the first time by the user.
III. Surge in Mobile Payment Attacks and Malware-as-a-Service (MaaS)
There will be an increase in attacks targeting mobile NFC (Near-Field Communication) payments and the strengthening of social engineering campaigns that use deepfakes for identity impersonation. This hyper-precise approach will fuel the expansion of the Malware-as-a-Service (MaaS) model, making attacks more localized and difficult to neutralize.
Security Recommendations for Users and Businesses
Fabio Assolini, Director of the Global Research and Analysis Team for Latin America at Kaspersky, emphasizes the need for organizations to evolve alongside adversaries, strengthening technology, analytical capabilities, and staff preparedness.
For users, Kaspersky recommends: * Official Sources: Download apps exclusively from official stores (Google Play, App Store) to avoid counterfeit versions. * NFC Management: Disable NFC technology when not in use and consider using cases that block unauthorized connections. * Account Monitoring: Regularly review account statements to detect unrecognized charges and act quickly. * Advanced Protection: Use security solutions with specific features like 'Safe Money' (available in Kaspersky Premium) to verify the authenticity and security of banking and payment pages.
For businesses, especially in the financial sector, it is advised to: * Infrastructure Audits: Conduct thorough reviews of systems and networks by external experts to identify flaws and weaknesses. * Integrated Platforms: Implement systems like the Kaspersky Next line that enable detection, analysis, and rapid response to attacks in real-time. * Constant Training: Keep staff informed about new threats and train them regularly to act as the first line of defense against traps such as phishing emails and dangerous links.
