Excerpt from Dawn, Published on Jul 4, 2025
According to a report by global cybersecurity firm Kaspersky, nearly 8,500 small and medium-sized businesses (SMBs) have faced cyberattacks in 2025 through fake AI-based tools. These attacks often involved malware disguised as legitimate productivity applications such as Zoom, Microsoft Office, ChatGPT, and the newly launched DeepSeek.
Kaspersky analysts found over 4,000 unique malicious or unwanted files this year alone, often mimicking trusted applications. Notably, the number of threats using ChatGPT as bait increased by 115%, while DeepSeek, despite launching in 2025, already accounted for 83 malicious file disguises.
The report highlights how cybercriminals exploit popular AI tools due to their rising public attention and hype. As stated by Vasily Kolesnikov, a security expert at Kaspersky, attackers choose AI brands that are trending, making it more likely that unsuspecting users will download malware disguised as those tools.
Zoom remained the most imitated platform, accounting for 41% of all malicious files, followed by Outlook and PowerPoint (16% each), Excel (12%), Word (9%), and Microsoft Teams (5%). Kaspersky also reported increases in disguised threats involving Microsoft Teams (up 100%) and Google Drive (up 12%).
The majority of threats targeting SMBs include downloaders, trojans, and adware, with phishing and scam campaigns also on the rise. Attackers commonly aim to steal login credentials for services like banking platforms or delivery apps through fake promotions and phishing links. Some even offer misleading “AI-powered marketing solutions” to trick users into sharing sensitive data.
Kaspersky urges SMBs to deploy specialized cybersecurity solutions, create strict access policies, backup critical data regularly, and establish secure protocols when integrating new software tools.
To delve deeper into this topic, please read the full article on DWAN.
