Small and Medium-scale Enterprises have seen a 115 per cent rise in cyber attacks involving fake productivity tools and artificial intelligence platforms, according to global cybersecurity firm Kaspersky.
Kaspersky made this disclosure on Thursday, noting that the attacks occurred within the first four months of 2025.
The report revealed that in 2025, nearly 8,500 users from small and medium-sized businesses worldwide were targeted by cyberattacks involving malicious or unwanted software disguised as popular productivity tools, according to Kaspersky.
Attackers most frequently used fake versions of Zoom and Microsoft Office as lures, while newer AI-based platforms like ChatGPT and DeepSeek are also increasingly being exploited.
Kaspersky analysts, examining how often malicious and unwanted software are disguised as legitimate applications used by small and medium-sized businesses, sampled 12 popular online productivity tools and detected over 4,000 unique malicious and unwanted files in 2025.
Cybersecurity experts warned that as AI services grow in popularity, cybercriminals are increasingly using fake AI tools to spread malware.
The report showed a 115 per cent rise in cyberthreats mimicking ChatGPT in the first four months of 2025 compared to the same period in 2024, with 177 unique malicious and unwanted files detected.
Another AI tool, DeepSeek, which launched in 2025, was also quickly targeted by cybercriminals, accounting for 83 malicious files.
Commenting on the report, a security expert at Kaspersky, Vasily Kolesnikov, said, “Interestingly, threat actors are rather picky in choosing an AI tool as bait. For example, no malicious files mimicking Perplexity were observed. The likelihood that an attacker will use a tool as a disguise for malware or other types of unwanted software directly depends on the service’s popularity and hype around it. The more publicity and conversation there is around a tool, the more likely a user will come across a fake package on the internet.
“To be on the safe side, SMB employees, as well as regular users, should exercise caution when looking for software on the internet or coming across too-good-to-be-true subscription deals. Always check the correct spelling of the website and links in suspicious emails. In many cases, these links may turn out to be phishing or a link that downloads malicious or potentially unwanted software.”
A breakdown of the report’s findings revealed that malicious and unwanted software files disguised as Zoom rose by nearly 13 per cent in 2025, reaching 1,652 cases. Microsoft Teams and Google Drive saw sharper increases of 100 per cent and 12 per cent, with 206 and 132 cases, respectively.
Zoom topped the list, representing nearly 41 per cent of all unique malicious files detected. Microsoft Office applications were also frequent targets: Outlook and PowerPoint each accounted for 16 per cent, Excel for nearly 12 per cent, while Word and Teams made up nine and five per cent, respectively.
