The number of cyber threats posing as AI tools like ChatGPT has increased by 115 percent in the first months of 2025, Kaspersky reports. SMEs appear to be a popular target.
According to Kaspersky, nearly 8,500 SME users have already been affected in 2025 by malicious or unwanted software posing as well-known productivity tools. Popular names like Zoom, Microsoft Office, and AI services such as ChatGPT and DeepSeek are particularly useful covers for cybercriminals.
AI as Bait
The security company detected more than 4,000 unique files posing as legitimate apps. For ChatGPT alone, there were 177 unique malicious and unwanted files. DeepSeek, the Chinese language model that took the world by storm this year, immediately appeared on criminals’ radar with 83 fake files.
The choice of a particular brand or platform, according to Kaspersky, is linked to popularity and media attention. The greater the recognition, the higher the chance that criminals will associate malware with it. Criminals show no interest in apps like Perplexity. Companies are advised to warn staff about suspicious offers and to thoroughly check the origin of software.
Hybrid Working
Collaboration tools such as Zoom, Microsoft Teams, and Google Drive are increasingly targeted as well. The number of malware files disguised as Zoom grew by 13 percent to 1,652 cases. Attackers are capitalizing on hybrid working and the challenges that come with it.
For Teams and Google Drive, there were 206 and 132 fake files respectively, representing a 100 percent increase for Teams and 12 percent for Google Drive. Zoom is most frequently used as bait. Microsoft Office applications like Outlook, PowerPoint, Excel, and Word closely follow.
Artificial Spam
In addition to malware, Kaspersky also warns of more traditional forms of phishing and spam. Cybercriminals attempt in various ways to steal login credentials or extort money through fake emails. Phishing emails circulate promising companies better visibility on social media in exchange for account details.
read also
The Era of ‘Pathetic Phishing Attacks’ is Over
AI is responsible for spam but can also be the subject of it, for example in the form of fake offers. Kaspersky advises SMEs to make staff aware of the risks and to only download software from official sources.