This is the latest data released by cybersecurity company Kaspersky. Notably, email spam is not limited to advertising content; it can also serve as cover for a range of attacks such as scams, phishing, and malware.
In 2025, individual and business users faced more than 144 million malicious email attachments or potentially risky files, an increase of 15% compared to the previous year.
Main trends in email scams and phishing
Based on the collected data, Kaspersky's cybersecurity experts also pointed out several prominent trends in how cybercriminals run spam and email phishing campaigns. These tactics are forecast to persist and expand in 2026.
Combining multiple communication channels: Attackers try to lure email users into moving the conversation to messaging applications or calling scam phone numbers.
Using a variety of disguise techniques in phishing emails and in emails containing malicious files or links: Threat actors often disguise scam links, for example by using link protection services or QR codes. These QR codes are often inserted directly into the email body or attached as PDF files.
In this way, they not only disguise fraudulent links but also trick users into scanning the code with a mobile phone. Mobile devices often have weaker security protection than business computers, and attackers can take advantage of this weakness.
Exploiting legitimate platforms for fraudulent purposes: Kaspersky experts discovered a scheme that abuses the OpenAI platform's feature for creating an organization and inviting members to join it, in order to send spam from legitimate OpenAI addresses. This can lead users to trust the message and click on fraudulent links or call fake phone numbers.

Increasingly sophisticated business email compromise (BEC) tactics: In 2025, attackers' tricks became more sophisticated and convincing, with fake "forwarded" emails inserted into the conversation.
These emails lack important technical information, such as message thread identifiers or sender authentication data, which makes it harder to verify their authenticity within the conversation thread.
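The missing thread identifiers and sender authentication data described above can be checked mechanically. The following Python check is an added example, not taken from Kaspersky or the original article; mapping "thread identifiers" to the In-Reply-To, References and Thread-Index headers and "sender authentication data" to Authentication-Results is this example's assumption, and the sample messages are constructed.

```python
import re
from email import message_from_string

# Assumption: these standard headers are what the article means by thread
# identifiers; Authentication-Results stands in for sender authentication data.
THREAD_HEADERS = ("In-Reply-To", "References", "Thread-Index")
SUBJECT_PREFIX = re.compile(r"^\s*(fwd?|re)\s*:", re.IGNORECASE)
FORWARD_MARKER = re.compile(
    r"^(-+\s*Forwarded message\s*-+|Begin forwarded message:|-+\s*Original Message\s*-+)",
    re.IGNORECASE | re.MULTILINE)

# Constructed sample messages (not real traffic).
SUSPECT = ("From: ceo@example.test\nSubject: Fwd: Invoice 1042\n\nPlease pay today.\n\n"
           "---------- Forwarded message ---------\nFrom: supplier@example.test\n")
GENUINE = ("From: colleague@example.test\nSubject: Re: Invoice 1042\n"
           "In-Reply-To: <b7@mail.example.test>\nReferences: <b7@mail.example.test>\n"
           "Authentication-Results: mx.example.test; dkim=pass header.d=example.test\n\nApproved.\n")


def body_text(msg):
    """Join the decoded text/plain parts of a message."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def auth_passed(msg):
    """True if an Authentication-Results header records an SPF, DKIM or DMARC pass."""
    results = " ".join(msg.get_all("Authentication-Results", []))
    return bool(re.search(r"\b(spf|dkim|dmarc)=pass\b", results, re.IGNORECASE))


def thread_findings(raw_message):
    """List why a message that claims to continue a thread cannot be verified."""
    msg = message_from_string(raw_message)
    claims_thread = bool(SUBJECT_PREFIX.match(msg.get("Subject", ""))
                         or FORWARD_MARKER.search(body_text(msg)))
    if not claims_thread:
        return []
    findings = []
    if not any(msg.get(h) for h in THREAD_HEADERS):
        findings.append("no thread identifier headers")
    if not auth_passed(msg):
        findings.append("no SPF/DKIM/DMARC pass recorded")
    return findings
```

Treat the findings as a triage signal, since some mail clients forward messages without thread headers. Rely on Authentication-Results only when your own mail gateway stamped it, because a sender can add that header too.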
Recommendations
In order to minimize risks for individual users and businesses, Kaspersky experts recommend:
- Always be wary of unsolicited invitations from any platform, even if these emails seem to come from a reliable source.
- Check the URL carefully before clicking.
- Do not call the phone number provided in a suspicious email. If you need to contact the support department of a service, find the phone number on the official service website.
- Business users should use solutions with multi-layered defense mechanisms supported by machine learning algorithms, which provide strong protection against increasingly sophisticated threats and help businesses respond proactively to growing cybersecurity risks.
- Ensure that reliable security software is installed on all employees' devices, including smartphones.
- Organize periodic employee training on phishing and fraud tactics using modern methods.