Ahead of the International Day of Families, observed on May 15, Kaspersky experts analyzed cyberthreats that use popular family-focused brands, such as Disney, LEGO, Toca Boca and others as bait. The research, based on selected keywords monitoring, revealed a steady rise in attack attempts, which increased by 38% from Q2 2024 to Q1 2025.
Kaspersky telemetry shows a consistent upward trend in the number of attempted attacks exploiting children- and family-related brands. Starting from just 89,000 in Q2 2024, the number of attacks has increased quarter by quarter, reaching almost 123,000 in Q1 2025. Throughout the reported period, Kaspersky detected over 432,000 such attempts.
The number of attempted attacks on children from Q2 2024 to Q1 2025
Among the most frequently exploited brands throughout the reported period were LEGO, Disney and Toca Boca — all widely recognized and trusted by children and parents alike. LEGO-themed content accounted for the overwhelming majority of attacks, with over 306,000 attempts, followed by Disney (62,000) and Toca Boca (45,000). Paw Patrol and Peppa Pig were also used as popular lures, though to a lesser extent — 12,500 and 4,900 attempted attacks. Cybercriminals exploit the popularity and emotional familiarity of these brands to trick users into downloading malicious files, often disguised as cartoons or games. The more popular the brand is, the more attractive it becomes as a hook for threat actors.
Kaspersky’s analysis shows that the most common threats targeting children and families are not always the most obvious ones. Throughout the reported period, nearly 400,000 infection attempts were linked to Downloaders — software that may appear harmless but is often used to silently deliver other potentially dangerous applications. These downloaders are frequently disguised as games, videos, or installers related to popular brands, making them especially effective at tricking users.
Furthermore, over 7,800 cases involved Trojans, which can steal sensitive data, monitor activity or grant remote access to attackers. These are particularly dangerous when hiding inside seemingly innocent files, such as cheats or fan-made apps. Meanwhile, adware accounted for over 6,400 attempted attacks, typically appearing as flashy games or video apps that bombard users with unwanted ads, slowing down devices and potentially opening the door to additional threats.
As part of the analysis, Kaspersky researchers identified multiple scam and phishing websites mimicking the design and branding of popular among family companies. One notable example was a phishing page crafted to resemble the official Tokyo Disney Resort website. Such scams are often indistinguishable from legitimate pages at first glance, with the only difference being the URL of the website. The fraudulent site offered users the chance to “buy” park tickets, just like the real one, and prompted them to enter their personal and payment information. However, instead of securing a magical day at the theme park, victims could have their bank card details stolen.
An example of the phishing page, exploiting the brand of Tokyo Disney Resort
Another discovery made by Kaspersky researchers involved scams exploiting the name of MrBeast — a YouTube celebrity widely followed by children and teens, and well-known for giving away expensive prizes like gadgets, money and even houses. Cybercriminals created phishing pages promising “free gifts from MrBeast,” including digital gift cards for platforms such as Roblox, Xbox and PlayStation. The site prompted users to choose their prize and complete a seemingly harmless task to claim it. To increase urgency, a countdown timer was displayed, urging visitors to “complete a sponsored activity” within a limited time to unlock the final reward code.
An example of the phishing page, exploiting the brand of MrBeast
The entire process is a tactic designed to redirect victims to increasingly deceptive scam pages. Eventually, users are asked to pay a small commission fee to claim their “gift”. However, after submitting the payment, the victim may be left with no reward and may have lost money.
“Cybercriminals are masters of emotional manipulation — and there is hardly anything more emotionally charged than content children trust and love. By imitating popular brands or influencers like MrBeast, attackers create a sense of familiarity and excitement that lowers users’ guard. That’s why it’s essential for parents to stay informed and teach kids how to question ‘too-good-to-be-true’ offers before clicking,” comments Evgeny Kuskov, Security Expert at Kaspersky.
To keep your kids safe online, Kaspersky recommends the following:
● It’s crucial for parents to have open communication with their children about the potential risks they may encounter online and to enforce strict guidelines to ensure their safety.
● To secure your child from downloading any malicious files during their gaming experience, we advise parents to install a trusted security solution, such as Kaspersky Premium, on their device.
● By staying informed about the latest threats and actively monitoring their children’s online activities, parents can create a safer online environment for their kids.
● To help parents introduce their children to cybersecurity amidst the evolving threat landscape, Kaspersky experts have developed the Kaspersky Cybersecurity Alphabet with key concepts from the cybersecurity industry. In this book, your kids will get to know new technologies, learn the main cyber hygiene rules, find out how to avoid online threats and recognize fraudsters’ tricks. After reading this book together, you’ll be sure that your kid knows how to distinguish phishing website, how VPN and QR-codes work, and even what honeypots and encryption are and what role they play in modern cybersecurity. You can download the pdf of the book for free and go through the basics of cybersecurity with your child, building their cybersafe future.
● With dedicated apps for digital parenting such as Kaspersky Safe Kids, parents can effectively safeguard their children across both online and offline spaces. Such apps help adults ensure a safe and positive digital experience for little ones, establish healthy habits, protect from inappropriate content, balancing screen time and checking children’s physical location.
