ISLAMABAD, Thursday, July 3, 2025 (WNP): Cyberattacks targeting small and medium-sized businesses (SMBs) surged in 2025, with nearly 8,500 users affected by malicious software disguised as popular productivity and artificial intelligence tools, according to a new report by global cybersecurity firm Kaspersky.

The findings, based on Kaspersky’s analysis of 12 commonly used online productivity applications, revealed that over 4,000 unique malicious and unwanted files were identified this year, many masquerading as trusted tools like Zoom, Microsoft Office, ChatGPT, and DeepSeek.

Zoom was the most impersonated platform, accounting for 41% of all malicious files detected, followed by various Microsoft Office components: Outlook and PowerPoint (16% each), Excel (12%), Word (9%), and Teams (5%). The report attributes this trend to the growing reliance on remote work tools, which has expanded the attack surface for cybercriminals.

The exploitation of AI-powered tools emerged as a sharp new threat. Kaspersky reported a 115% increase in fake files mimicking ChatGPT within the first four months of 2025 compared to the same period last year, while DeepSeek, a large language model launched earlier this year, accounted for 83 malicious files. Interestingly, no threats were linked to Perplexity, a reminder that attackers selectively target the most hyped and widely discussed platforms.

“The more buzz there is around a tool, the more likely users are to encounter fake downloads or phishing traps,” warned Vasily Kolesnikov, security expert at Kaspersky.

Other platforms seeing spikes in impersonation include Microsoft Teams, with cases doubling to 206, and Google Drive, which saw a 12% increase to 132 cases in 2025.

Top Threats: Downloaders, Trojans, and Adware

Kaspersky’s threat analysis identified downloaders, trojans, and adware as the most common threats embedded in fake software packages. These malicious programs are typically distributed through phishing emails, fake websites, and fraudulent download links.

The report also highlights an increase in phishing campaigns targeting SMBs. One example involved a phishing scheme disguised as a Google Account notification offering to boost company sales via ads on X (formerly Twitter) — with the real aim of stealing login credentials.

SMBs also continue to be bombarded with AI-themed spam, including promotional emails offering to automate business operations, many of which lead to scam websites or install unwanted software.

Cybersecurity Recommendations for SMBs

To protect against the growing wave of cyber threats, Kaspersky recommends that SMBs adopt comprehensive cybersecurity measures, including:

• Use of specialized cybersecurity tools like Kaspersky Next, which offers visibility and control over cloud services.
• Define access policies for corporate email, shared folders, and online documents.
• Regular data backups to prevent loss from ransomware or data breaches.
• Clear guidelines for software adoption, ensuring all new applications are vetted by IT and relevant managers.
• Employee training to spot phishing emails and avoid fake downloads.

Kaspersky’s latest report underscores the urgency for SMBs to stay vigilant as cybercriminals increasingly exploit widely used tools — particularly those involving AI — to breach systems and steal sensitive data.