Cybercriminals Follow AI Tools, Targeting SMBs

News Desk

Islamabad: In 2025, an alarming number of nearly 8,500 users from small and medium-sized businesses (SMBs) experienced cyberattacks involving harmful or unwanted software masquerading as well-known online productivity tools, according to Kaspersky.

The analysis of unique destructive and unwanted files revealed that popular tools like Zoom and Microsoft Office were frequently used as traps, with newer AI-driven services like ChatGPT and DeepSeek also becoming prevalent targets. To assist businesses in tackling these threats, Kaspersky shared valuable threat analyses and mitigation strategies.

Experts at Kaspersky studied how malicious and unnecessary software disguised itself as authentic apps, focusing on a sample of 12 online productivity tools. They detected over 4,000 unique malicious and unwanted files in 2025 camouflaged as these popular applications. Attackers promised potential victims increased sales by advertising their companies on X, with the ultimate goal of stealing their credentials.

With the rising popularity of AI tools, there was a remarkable 115 percent increase in cyber threats imitating ChatGPT during the first four months of 2025 compared to the same period last year, totaling 177 unique malicious and unwanted files. Additionally, DeepSeek, launched in 2025, contributed 83 such files.

Interestingly, there were no malicious files posing as “Uncertainty” (likely a typo or placeholder in the source data). Security expert Vasily Kolesnikov noted that attackers typically select tools based on their popularity and buzz — the more well-known a tool is, the greater the chance of it being impersonated.

Read More: https://thepenpk.com/grand-theft-auto-vi-release-delayed-again-until-november-2026/

Another tactic observed in 2025 involved using familiar collaboration platform brands to deceive users into downloading malware. The frequency of malicious files disguised as Zoom increased by nearly 13 percent, reaching 1,652 instances. Meanwhile, Microsoft Teams and Google Drive saw their instances rise by 100 percent and 12 percent, respectively, with 206 and 132 cases.

Among the analyzed sample, Zoom represented nearly 41 percent of all unique files detected. Microsoft Office applications continued to be popular targets as well; Outlook and PowerPoint each accounted for 16 percent, Excel close to 12 percent, Word at 9 percent, and Teams at 5 percent. The primary threats against SMBs consisted of downloaders, trojans, and adware.

In addition to malware threats, SMBs faced phishing and scam tactics aimed at stealing login information for services like delivery platforms and banking systems, or tricking victims into transferring money. One phishing attempt focused on Google Accounts, falsely claiming to boost sales through X advertisements.

SMBs are receiving more spam emails these days, especially those promoting AI tools to help automate business operations. Kaspersky recommended that companies invest in reliable cybersecurity tools such as Kaspersky Next. 

They also advised setting clear access controls for company data, backing up data regularly, and establishing well-defined guidelines for using third-party services — including involving IT and responsible managers when implementing new software.