{"id":356205,"date":"2025-06-27T16:53:38","date_gmt":"2025-06-27T11:23:38","guid":{"rendered":"https:\/\/www.technologyforyou.org\/?p=356205"},"modified":"2025-06-27T16:53:38","modified_gmt":"2025-06-27T11:23:38","slug":"kaspersky-chatgpt-mimicking-cyberthreats-surge-115-in-early-2025-smbs-increasingly-targeted","status":"publish","type":"post","link":"https:\/\/www.technologyforyou.org\/kaspersky-chatgpt-mimicking-cyberthreats-surge-115-in-early-2025-smbs-increasingly-targeted\/","title":{"rendered":"Kaspersky: ChatGPT-Mimicking Cyberthreats Surge 115% in Early 2025, SMBs Increasingly Targeted"},"content":{"rendered":"<p class=\"ArticleBody_date__rpGhG\">In 2025, nearly 8,500 users from small and medium-sized businesses (SMBs) faced cyberattacks where malicious or unwanted software was disguised as popular online productivity tools, Kaspersky reports. Based on the unique malicious and unwanted files observed, the most common lures included Zoom and Microsoft Office, with newer AI-based services like ChatGPT and DeepSeek being increasingly exploited by attackers. Kaspersky has released threat analysis and mitigation strategies to help SMBs respond.<\/p>\n<div class=\"ArticleBody_articleContainer__Sz0LX\">\n<div class=\"ArticleBody_articleBody__gN8bN\">\n<div class=\"ArticleBody_content__tiVdv ArticleBody_withContentAbove__RyYxL\">\n<p>Kaspersky analysts explored how frequently malicious and unwanted software are disguised as legitimate applications commonly used by SMBs, using a sample of 12 online productivity apps. In total, Kaspersky observed more than 4,000 unique malicious and unwanted files disguised as popular apps in 2025. With the growing popularity of AI services, cybercriminals are increasingly disguising malware as AI tools. The number of cyberthreats mimicking ChatGPT increased by 115% in the first four months of 2025 compared to the same period last year, reaching 177 unique malicious and unwanted files. Another popular AI tool, DeepSeek, accounted for 83 files. This large language model launched in 2025 immediately appeared on the list of impersonated tools.<\/p>\n<p>\u201cInterestingly, threat actors are rather picky in choosing an AI tool as bait. For example, no malicious files mimicking Perplexity were observed. The likelihood that an attacker will use a tool\u00a0as a disguise for malware or other types of unwanted software directly depends on the service\u2019s popularity and hype around it. The more publicity and conversation there is around a tool, the more likely a user will come across a fake package on the internet. To be on the safe side, SMB employees \u2013 as well as regular users \u2013 should exercise caution when looking for software on the internet or coming across too-good-to-be-true subscription deals. Always check the correct spelling of the website and links in suspicious emails. In many cases these links may turn out to be phishing or a link that downloads malicious or potentially unwanted software\u201d, says <strong>Vasily Kolesnikov, security expert at Kaspersky.<\/strong><\/p>\n<p>Another cybercriminal tactic to look for in 2025 is the growing use of collaboration platform brands to trick users into downloading or launching malware. The number of malicious and unwanted software files disguised as Zoom increased by nearly 13% in 2025, reaching 1,652, while such names as \u201cMicrosoft Teams\u201d and \u201cGoogle Drive\u201d saw increases of 100% and 12%, respectively, with 206 and 132 cases. This pattern likely reflects the normalization of remote work and geographically distributed teams, which has made these platforms integral to business operations across industries.<\/p>\n<p>Among the analyzed sample, the highest number of files mimicked Zoom, accounting for nearly 41% of all unique files detected. Microsoft Office applications remained frequent targets for impersonation: Outlook and PowerPoint each accounted for 16%, Excel for nearly 12%, while Word and Teams made up 9% and 5%, respectively.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter\" src=\"https:\/\/content.kaspersky-labs.com\/fm\/press-releases\/c3\/c38648e135248cd0cc241f27b1ff21a3\/processed\/01-en-smb-report-graphs-1fin-q93.png\" alt=\"Share of unique files with names mimicking popular legitimate applications in 2024 and 2025\" width=\"682\" height=\"501\" \/><\/p>\n<p>Share of unique files with names mimicking the popular legitimate applications in 2024 and 2025<\/p>\n<p>The top threats targeting small and medium businesses in 2025 included downloaders, trojans and adware.<\/p>\n<p><strong>Phishing and Spam<\/strong><\/p>\n<p>Apart from malware threats, Kaspersky continues to observe a wide range of phishing and scam schemes targeting SMBs. Attackers aim to steal login credentials for various services \u2014 from delivery platforms to banking systems \u2014 or manipulate victims into sending them money through deceptive tactics. One example is a phishing attempt targeting Google Accounts. Attackers promise potential victims to increase sales by advertising their company on X, with the ultimate goal to steal their credentials.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/content.kaspersky-labs.com\/fm\/press-releases\/3a\/3a881cf49c7a44f3422a88d1975338ea\/processed\/1-1-q93.png\" alt=\"A phishing page example\" width=\"488\" height=\"228\" \/><\/p>\n<p>Beyond phishing, SMBs are flooded with spam emails. Not surprisingly, AI has also made its way into the spam folder \u2014 for example, with offers for automating various business processes.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/content.kaspersky-labs.com\/fm\/press-releases\/c9\/c9b25e3f7e82923bbff2939dd37a0625\/processed\/image10-2-q93.png\" alt=\"A spam letter example\" width=\"543\" height=\"274\" \/>\u00a0In general, Kaspersky observes phishing and spam offers crafted to reflect the typical needs of small businesses, promising attractive deals on email marketing or loans, offering services such as reputation management, content creation, or lead generation, and more.<\/p>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>In 2025, nearly 8,500 users from small and medium-sized businesses (SMBs) faced cyberattacks where malicious or unwanted software was disguised as popular online productivity tools, Kaspersky reports. Based on the unique malicious and unwanted files observed, the most common lures included Zoom and Microsoft Office, with newer AI-based services like ChatGPT and DeepSeek being increasingly [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":19355,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"class_list":{"0":"post-356205","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-security"},"_links":{"self":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts\/356205","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/comments?post=356205"}],"version-history":[{"count":0,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts\/356205\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/media\/19355"}],"wp:attachment":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/media?parent=356205"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/categories?post=356205"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/tags?post=356205"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}