Scale of the Threat
Kaspersky’s 2024 cybersecurity telemetry revealed a stark picture for Algeria: 13 million phishing attempts blocked, alongside nearly 750,000 malicious email attachments intercepted. These figures represent a 17% increase over 2023 and position Algeria among the top targets on the African continent.
The broader context amplifies the concern. Algeria recorded an estimated 70 million total cyberattacks in 2024 across all categories, ranking the country 17th globally among the most targeted nations. Phishing alone accounts for nearly one in five detected attacks — the single largest category and the primary entry point for more sophisticated compromises.
Kaspersky’s global report documented 893 million phishing attempts worldwide in 2024, a 26% increase from the previous year. Africa experienced among the fastest growth rates of any region, with 66 million phishing link clicks detected across the continent. Algeria’s 33.5 million internet users — a population that grew by 3.9% in a single year — represent an expanding attack surface that cybercriminal groups are exploiting at industrial scale.
These detection figures reflect only Kaspersky’s own user base. The actual volume of phishing attempts reaching Algerian inboxes, phones, and browsers is certainly higher, given that no single vendor covers the entire connected population.
Anatomy of Algerian Phishing Campaigns
The BaridiMob Vector
Algerie Poste’s BaridiMob mobile payment service, with approximately 4.5 million subscribers as of September 2024, has become the most impersonated brand in Algerian phishing campaigns. The attack pattern follows a consistent playbook: victims receive an SMS or see a social media advertisement directing them to a page that mimics the BaridiMob login interface. The page collects credentials and, in many cases, captures the one-time SMS password through real-time relay — the attacker uses the stolen credentials immediately while the victim remains on the fake page.
Campaign sophistication has increased markedly. By 2024, attackers began using homograph domain attacks with visually similar characters, deploying valid HTTPS certificates to eliminate browser warnings, and replicating the entire post-login flow including balance displays and transaction confirmations.
The Ministry of Post and Telecommunications recognized the severity and launched a dedicated national awareness campaign from May 10 to May 30, 2025, using the branch network, social media channels, and SMS notifications to warn customers about fraudulent BaridiMob pages and Edahabia card scams. The campaign was a meaningful institutional response, though its three-week duration inherently limited its reach against a year-round threat.
Seasonal Attack Waves
Kaspersky’s data reveals pronounced seasonal patterns in Algerian phishing activity, with attacks peaking between May and July. This timing correlates with increased online spending during Ramadan and Eid periods, university enrollment and exam seasons that generate credential-harvesting campaigns impersonating the Ministry of Higher Education, summer travel bookings through fake airline and hotel sites, and government service deadlines for tax filing and vehicle registration that create windows of heightened susceptibility.
The Social Media Amplifier
Algeria’s phishing ecosystem is heavily amplified through Facebook, which remains the dominant social platform with approximately 25.6 million Algerian users. Phishing links circulate through fake pages mimicking telecom operators with “free data” offers, Facebook Marketplace scams that redirect to credential-harvesting sites, and Messenger-based campaigns where compromised accounts send phishing links to entire contact lists.
The Facebook vector is particularly dangerous because it leverages social trust. A phishing link from a known contact through Messenger is far more likely to be clicked than an anonymous email.
Advertisement
Why Algeria Remains Especially Vulnerable
The Awareness Gap
Algeria’s digital transformation has outpaced its cybersecurity awareness. The country added millions of new internet users over the past five years, many through affordable smartphones with limited prior exposure to digital security concepts. Formal cybersecurity education remains minimal — specialized programs at institutions like ESI serve only a tiny fraction of the population. Corporate security awareness training is equally scarce among the small and medium enterprises that constitute the majority of Algeria’s business fabric.
The 2025-2029 National Cybersecurity Strategy, validated by Presidential Decree in December 2025, calls for cultivating qualified human resources through structured training and education. However, translating strategy into nationwide awareness remains a multi-year challenge.
The Authentication Weakness
Algeria’s digital services ecosystem relies overwhelmingly on SMS-based two-factor authentication. BaridiMob, CIB card verifications, bank transaction confirmations, and government e-services nearly all use SMS as the second factor. SMS-based 2FA is acutely vulnerable to phishing: real-time phishing kits available on cybercrime marketplaces relay stolen credentials and SMS codes to the legitimate service before the one-time password expires.
The global standard has moved toward app-based authenticators and FIDO2 hardware keys, which are phishing-resistant by design. Algeria’s major digital services have been slow to offer these alternatives.
The Infrastructure Gap
Algeria’s ISPs and email providers generally lack the advanced email filtering and real-time phishing detection capabilities deployed by major global providers. DNS-level protections like DMARC, DKIM, and SPF email authentication protocols — which prevent domain spoofing — remain poorly adopted across Algerian organizations. Without proper email authentication, attackers can trivially spoof emails appearing to come from legitimate Algerian institutions.
What Must Change
Addressing Algeria’s phishing epidemic requires coordinated technical, institutional, and educational action.
National email authentication standards. The government should mandate DMARC enforcement for all .dz domains, beginning with government agencies and critical infrastructure operators. Countries that have mandated DMARC for government domains have seen significant reductions in spoofing-based phishing.
A phishing reporting and takedown mechanism. Algeria needs a centralized, easy-to-use phishing reporting system — a dedicated short code for SMS reports and a “report phishing” button in major apps — feeding into an automated takedown pipeline. The UK’s NCSC operates such a system and has taken down millions of scam URLs since its launch.
Mandatory phishing simulation for critical sectors. Banks, telecoms, energy operators, and government agencies should conduct regular phishing simulation exercises. Organizations that implement sustained simulation programs typically see employee click rates drop from above 30% to under 5% within 12 months.
App-based authentication migration. Algerie Poste, banks, and government e-services must offer and actively promote app-based authentication. The Banque d’Algerie should issue guidance requiring regulated financial institutions to provide phishing-resistant authentication options by a defined deadline.
Sustained public awareness. The May 2025 Algerie Poste campaign was a start, but phishing awareness requires year-round effort across television, radio, social media, and community channels to reach populations that short digital campaigns miss.
Frequently Asked Questions
Why is Algeria so heavily targeted by phishing attacks?
Algeria combines a large and rapidly growing online population of 33.5 million internet users, widespread adoption of mobile financial services like BaridiMob that are lucrative targets, heavy reliance on SMS-based authentication vulnerable to real-time phishing kits, poor deployment of email authentication protocols across Algerian domains, and a Facebook-dominant social media landscape that provides an effective distribution channel for phishing links. The country ranked 17th globally for cyberattacks in 2024.
What is the most common type of phishing targeting Algerians?
Financial phishing campaigns impersonating Algerie Poste’s BaridiMob service represent the most prevalent and damaging category, mimicking login pages to harvest credentials and intercept one-time SMS passwords. Brand impersonation targeting telecom operators with fake “free data” offers from Mobilis, Djezzy, or Ooredoo is the second most common vector, followed by government service impersonation around university enrollment, tax deadlines, and visa processing periods.
How can Algerians protect themselves from phishing?
Never click links in SMS messages or social media posts asking you to log in — open the official app or type the URL directly into your browser instead. Enable two-factor authentication on every account, preferring app-based authenticators like Google Authenticator over SMS when available. Verify the exact URL of any login page before entering credentials, looking for subtle misspellings. Never share OTP codes with anyone claiming to be from your bank or Algerie Poste. Keep your phone’s operating system and apps updated to patch vulnerabilities that phishing-delivered malware exploits.
Sources & Further Reading
- Kaspersky Reports Nearly 900 Million Phishing Attempts in 2024 — Kaspersky
- Cybersecurity: Over 13 Million Phishing Attempts Blocked in Algeria in 2024 — Algeria Invest
- Awareness Campaign for Safe Use of Edahabia Card and BaridiMob — Ministry of Post and Telecommunications
- Nigeria, South Africa, Algeria Top Targets for Cyber Attacks in 2024 — Cyber Security Review
- Algeria Adopts 2025-2029 National Cybersecurity Strategy — We Are Tech Africa
- Algeria Orders Cybersecurity Units in Public Sector — Ecofin Agency
- Kaspersky Spam and Phishing Report 2024 — Securelist
