Kaspersky Reports 15% Growth In Malicious Email Attacks In 2025

(MENAFN- Mid-East Info) According to Kaspersky telemetry, almost every second email – 44.99% of global traffic – was spam in 2025. Spam consists not only of unsolicited emails, but can also include various email threats such as scam, phishing and malware. In 2025, individuals and corporate users encountered over 144 million malicious and potentially unwanted email attachments, representing a 15% increase compared to the previous year figures.

In 2025, APAC had the largest share of email antivirus detections: it reached 30%, followed by Europe with 21%. Next came Latin America (16%) and the Middle East (15%), Russia and CIS (12%) and Africa (6%). As for individual countries, China had the highest rate of malicious and potentially unwanted email attachments, with the share of email antivirus detections of 14%. Russia ranked second (11%), followed by Mexico (8%), Spain (8%) and Turkey (5%).

Email antivirus detections peaked moderately in June, July and November.

Key trends in email spam and phishing

Kaspersky's annual analysis has also identified several persistent trends in the email spam and phishing threat landscape that are expected to continue into 2026:

• • Combination of various communication channels. Attackers lure email users into switching to messengers or calling fraudulent phone numbers. For instance, scam investment mailings may redirect victims to fake websites, where they are asked to provide their contact information, and then cybercriminals will follow up with a phone call.

• Usage of diverse evasion techniques in phishing and malicious emails. Threat actors frequently try to disguise phishing URLs, for example, with the help of link protection services and QR codes. These QR codes are often embedded directly in email bodies or within PDF attachments, which not only conceals phishing links but also encourages users to scan them on mobile devices, potentially exploiting weaker security measures than corporate PCs.

• Mailings exploiting diverse legitimate platforms. For example, Kaspersky experts discovered a fraudulent tactic that abuses OpenAI's organization creation and team invitation features to send spam emails from legitimate OpenAI addresses, potentially tricking users into clicking scam links or dialing fraudulent phone numbers. Additionally, a calendar-based phishing scheme, which originated in the late 2010s, resurfaced last year with a focus on corporate users.

• Refining tactics in business email compromise (BEC) attacks. In 2025 attackers attempted to become even more persuasive by incorporating fake forwarded emails into their correspondence. These emails lacked thread-index headers or other headers, making it difficult to verify their legitimacy within an email conversation.

“Email phishing shouldn't be underestimated. Our report reveals that one in ten business attacks starts with phishing, with a significant proportion being Advanced Persistent Threats (APTs). In 2025, we saw an increase in the sophistication of targeted email attacks. Even the smallest details are meticulously crafted in these malicious campaigns, including the composition of sender addresses and the tailoring of content to real corporate events and processes. The commodification of generative AI has significantly amplified this threat, enabling attackers to craft convincing, personalized phishing messages at scale with minimal effort, automatically adapting tone, language and context to specific targets,” comments Roman Dedenok, anti-spam expert at Kaspersky.

To learn more about spam and phishing threat landscape, visit securelist.

To stay safe, Kaspersky recommends:

• Treat unsolicited invitations from any platform with suspicion, even if they appear to come from trusted sources.
• Carefully inspect URLs before clicking.
• Do not call any phone numbers indicated in suspicious emails – if you need to call support of a certain service, it is best to find the phone number on the official webpage of this service.
• For corporate users, Kaspersky Security for Mail Server with its multi-layered defense mechanisms powered by machine learning algorithms provides robust protection against a wide range of evolving threats and offers peace of mind to businesses in the face of evolving cyber risks.
• Ensure all employee devices, including smartphones, are equipped with robust security software.
• Conduct regular training on modern phishing tactics.

About Kaspersky:

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company's comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and nearly 200,000 corporate clients protect what matters most to them.

MENAFN13022026005446012082ID1110735870