Algeria Phishing Crisis: 13M Attacks Blocked in 2024

Published March 25, 2026 · by ALGERIATECH Editorial

⚡ Key Takeaways

Kaspersky blocked 13 million phishing attempts targeting Algeria in 2024 — a 17% year-over-year increase — alongside 750,000 malicious email attachments intercepted. Algeria ranked 17th globally among the most targeted nations with 70 million total cyberattacks. BaridiMob (4.5 million subscribers) is the most impersonated brand, while Facebook (25.6 million users) amplifies phishing link distribution through social trust.

Bottom Line: Mandate DMARC enforcement for all .dz domains, establish a centralized phishing reporting and automated takedown pipeline, and migrate critical services from SMS-based to app-based authentication to close the three biggest gaps enabling Algeria’s phishing epidemic.

Read Full Analysis ↓

🧭 Decision Radar

Relevance for Algeria
Critical
▾

13 million blocked phishing attempts in 2024 with 17% annual growth directly targeting BaridiMob and government services used by millions of Algerians.

Action Timeline
Immediate
▾

Defenses must scale now as every month of delay exposes millions more users to undetected phishing campaigns.

Key Stakeholders
ARPCE, dz-CERT, Algerie Poste, Banque d’Algerie, ISPs, Ministry of Post and Telecommunications, Ministry of Digital Economy, university IT departments

Decision Type
Strategic
▾

Requires coordinated national policy on email authentication standards, phishing takedown infrastructure, and sustained awareness programs.

Priority Level
Critical
▾

Phishing is the single largest attack category and the primary entry point for all other cyber threats targeting Algeria.

Quick Take: Algeria must treat phishing as a national security priority, not a consumer awareness problem. Mandating DMARC for .dz domains, building automated takedown pipelines, and migrating from SMS to app-based authentication are the three interventions that would most rapidly reduce the 13-million-attack exposure.

Scale of the Threat

Kaspersky’s 2024 cybersecurity telemetry revealed a stark picture for Algeria: 13 million phishing attempts blocked, alongside nearly 750,000 malicious email attachments intercepted. These figures represent a 17% increase over 2023 and position Algeria among the top targets on the African continent.

The broader context amplifies the concern. Algeria recorded an estimated 70 million total cyberattacks in 2024 across all categories, ranking the country 17th globally among the most targeted nations. Phishing alone accounts for nearly one in five detected attacks — the single largest category and the primary entry point for more sophisticated compromises.

Kaspersky’s global report documented 893 million phishing attempts worldwide in 2024, a 26% increase from the previous year. Africa experienced among the fastest growth rates of any region, with 66 million phishing link clicks detected across the continent. Algeria’s 33.5 million internet users — a population that grew by 3.9% in a single year — represent an expanding attack surface that cybercriminal groups are exploiting at industrial scale.

These detection figures reflect only Kaspersky’s own user base. The actual volume of phishing attempts reaching Algerian inboxes, phones, and browsers is certainly higher, given that no single vendor covers the entire connected population.

Anatomy of Algerian Phishing Campaigns

The BaridiMob Vector

Algerie Poste’s BaridiMob mobile payment service, with approximately 4.5 million subscribers as of September 2024, has become the most impersonated brand in Algerian phishing campaigns. The attack pattern follows a consistent playbook: victims receive an SMS or see a social media advertisement directing them to a page that mimics the BaridiMob login interface. The page collects credentials and, in many cases, captures the one-time SMS password through real-time relay — the attacker uses the stolen credentials immediately while the victim remains on the fake page.

Campaign sophistication has increased markedly. By 2024, attackers began using homograph domain attacks with visually similar characters, deploying valid HTTPS certificates to eliminate browser warnings, and replicating the entire post-login flow including balance displays and transaction confirmations.

The Ministry of Post and Telecommunications recognized the severity and launched a dedicated national awareness campaign from May 10 to May 30, 2025, using the branch network, social media channels, and SMS notifications to warn customers about fraudulent BaridiMob pages and Edahabia card scams. The campaign was a meaningful institutional response, though its three-week duration inherently limited its reach against a year-round threat.

Seasonal Attack Waves

Kaspersky’s data reveals pronounced seasonal patterns in Algerian phishing activity, with attacks peaking between May and July. This timing correlates with increased online spending during Ramadan and Eid periods, university enrollment and exam seasons that generate credential-harvesting campaigns impersonating the Ministry of Higher Education, summer travel bookings through fake airline and hotel sites, and government service deadlines for tax filing and vehicle registration that create windows of heightened susceptibility.

The Social Media Amplifier

Algeria’s phishing ecosystem is heavily amplified through Facebook, which remains the dominant social platform with approximately 25.6 million Algerian users. Phishing links circulate through fake pages mimicking telecom operators with “free data” offers, Facebook Marketplace scams that redirect to credential-harvesting sites, and Messenger-based campaigns where compromised accounts send phishing links to entire contact lists.

The Facebook vector is particularly dangerous because it leverages social trust. A phishing link from a known contact through Messenger is far more likely to be clicked than an anonymous email.

Why Algeria Remains Especially Vulnerable

The Awareness Gap

Algeria’s digital transformation has outpaced its cybersecurity awareness. The country added millions of new internet users over the past five years, many through affordable smartphones with limited prior exposure to digital security concepts. Formal cybersecurity education remains minimal — specialized programs at institutions like ESI serve only a tiny fraction of the population. Corporate security awareness training is equally scarce among the small and medium enterprises that constitute the majority of Algeria’s business fabric.

The 2025-2029 National Cybersecurity Strategy, validated by Presidential Decree in December 2025, calls for cultivating qualified human resources through structured training and education. However, translating strategy into nationwide awareness remains a multi-year challenge.

The Authentication Weakness

Algeria’s digital services ecosystem relies overwhelmingly on SMS-based two-factor authentication. BaridiMob, CIB card verifications, bank transaction confirmations, and government e-services nearly all use SMS as the second factor. SMS-based 2FA is acutely vulnerable to phishing: real-time phishing kits available on cybercrime marketplaces relay stolen credentials and SMS codes to the legitimate service before the one-time password expires.

The global standard has moved toward app-based authenticators and FIDO2 hardware keys, which are phishing-resistant by design. Algeria’s major digital services have been slow to offer these alternatives.

The Infrastructure Gap

Algeria’s ISPs and email providers generally lack the advanced email filtering and real-time phishing detection capabilities deployed by major global providers. DNS-level protections like DMARC, DKIM, and SPF email authentication protocols — which prevent domain spoofing — remain poorly adopted across Algerian organizations. Without proper email authentication, attackers can trivially spoof emails appearing to come from legitimate Algerian institutions.

What Must Change

Addressing Algeria’s phishing epidemic requires coordinated technical, institutional, and educational action.

National email authentication standards. The government should mandate DMARC enforcement for all .dz domains, beginning with government agencies and critical infrastructure operators. Countries that have mandated DMARC for government domains have seen significant reductions in spoofing-based phishing.

A phishing reporting and takedown mechanism. Algeria needs a centralized, easy-to-use phishing reporting system — a dedicated short code for SMS reports and a “report phishing” button in major apps — feeding into an automated takedown pipeline. The UK’s NCSC operates such a system and has taken down millions of scam URLs since its launch.

Mandatory phishing simulation for critical sectors. Banks, telecoms, energy operators, and government agencies should conduct regular phishing simulation exercises. Organizations that implement sustained simulation programs typically see employee click rates drop from above 30% to under 5% within 12 months.

App-based authentication migration. Algerie Poste, banks, and government e-services must offer and actively promote app-based authentication. The Banque d’Algerie should issue guidance requiring regulated financial institutions to provide phishing-resistant authentication options by a defined deadline.

Sustained public awareness. The May 2025 Algerie Poste campaign was a start, but phishing awareness requires year-round effort across television, radio, social media, and community channels to reach populations that short digital campaigns miss.

Follow AlgeriaTech on LinkedIn for professional tech analysis Follow on LinkedIn

Follow @AlgeriaTechNews on X for daily tech insights Follow on X

Frequently Asked Questions

Why is Algeria so heavily targeted by phishing attacks?

Algeria combines a large and rapidly growing online population of 33.5 million internet users, widespread adoption of mobile financial services like BaridiMob that are lucrative targets, heavy reliance on SMS-based authentication vulnerable to real-time phishing kits, poor deployment of email authentication protocols across Algerian domains, and a Facebook-dominant social media landscape that provides an effective distribution channel for phishing links. The country ranked 17th globally for cyberattacks in 2024.

What is the most common type of phishing targeting Algerians?

Financial phishing campaigns impersonating Algerie Poste’s BaridiMob service represent the most prevalent and damaging category, mimicking login pages to harvest credentials and intercept one-time SMS passwords. Brand impersonation targeting telecom operators with fake “free data” offers from Mobilis, Djezzy, or Ooredoo is the second most common vector, followed by government service impersonation around university enrollment, tax deadlines, and visa processing periods.

How can Algerians protect themselves from phishing?

Never click links in SMS messages or social media posts asking you to log in — open the official app or type the URL directly into your browser instead. Enable two-factor authentication on every account, preferring app-based authenticators like Google Authenticator over SMS when available. Verify the exact URL of any login page before entering credentials, looking for subtle misspellings. Never share OTP codes with anyone claiming to be from your bank or Algerie Poste. Keep your phone’s operating system and apps updated to patch vulnerabilities that phishing-delivered malware exploits.