The rise of gray websites fuels global scam and data theft risks

Cybersecurity researchers at Kaspersky have identified a growing network of so-called ‘grey’ websites that exploit user trust to generate financial gain and harvest personal data. Unlike traditional phishing attacks, these platforms rely on manipulation, misleading design and hidden conditions rather than direct credential theft.

The report shows that gray websites often imitate legitimate services, including financial tools, e-commerce platforms, AI services and subscription-based content.

Common categories include fake browser extensions, fraudulent investment schemes, subscription traps and counterfeit online shops, many of which are designed to encourage voluntary payment or data sharing.

Kaspersky notes that these threats are spreading globally but vary by region.

Europe is seeing a rise in fake privacy tools and browser hijackers, Africa is heavily affected by fraudulent trading platforms, while Latin America faces betting scams and pyramid schemes. Asia-Pacific shows a broader mix, including crypto fraud, AI-themed scams and malicious download services.

Across all regions, attackers are increasingly aligning scams with current digital trends to appear more credible. Kaspersky warns that even well-designed platforms can hide risks, making user awareness, verification and security tools key to reducing financial and data harm.

Why does it matter? 

The rise of ‘grey’ websites signals a shift in online fraud away from obvious phishing towards more subtle, trust-based manipulation. Instead of breaking systems, attackers increasingly exploit user behaviour, interfaces, and familiarity with digital services.

That lowers the ‘visibility’ of fraud. Users are not being forced into breaches; they are being guided into consent- signing up, subscribing, investing, or installing tools that appear legitimate. It makes scams harder to detect, harder to regulate, and easier to scale globally.

It also shows how cybercrime is adapting to current technological trends, especially AI services, crypto tools, and digital platforms that people already expect to be trustworthy. As a result, the boundary between legitimate innovation and fraud becomes less clear, increasing systemic risk for both consumers and digital economies.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!