Kaspersky Report: Email Spam and Phishing Attacks Surge in 2025
Email Spam and Phishing Attacks Surge in 2025

Kaspersky Report Highlights Alarming Rise in Email Threats for 2025

According to recent telemetry data from cybersecurity firm Kaspersky, nearly half of all global email traffic in 2025 consisted of spam, accounting for 44.99% of messages. This spam is not merely unsolicited emails but encompasses a range of email-based threats, including scams, phishing attempts, and malware. The year saw a significant increase in malicious and potentially unwanted email attachments, with individuals and corporate users encountering over 144 million such files—a 15% jump from the previous year's figures.

Regional Breakdown of Email Antivirus Detections

In 2025, the Asia-Pacific (APAC) region led the world in email antivirus detections, capturing 30% of the total. Europe followed with 21%, while Latin America and the Middle East accounted for 16% and 15%, respectively. Russia and the Commonwealth of Independent States (CIS) represented 12%, and Africa trailed with 6%. At the country level, China topped the list with a 14% share of detections, followed by Russia at 11%, Mexico and Spain each at 8%, and Turkey at 5%. Detections peaked moderately during the months of June, July, and November.

Key Trends in Email Spam and Phishing

Kaspersky's annual analysis has identified several persistent trends in the email spam and phishing threat landscape, expected to continue into 2026:

  • Combination of Various Communication Channels: Attackers are increasingly luring email users to switch to messengers or call fraudulent phone numbers. For example, scam investment mailings may redirect victims to fake websites to collect contact details, followed by phone calls from cybercriminals.
  • Usage of Diverse Evasion Techniques: Threat actors frequently disguise phishing URLs using link protection services and QR codes. These QR codes, embedded in email bodies or PDF attachments, not only hide malicious links but also encourage scanning on mobile devices, which may have weaker security than corporate PCs.
  • Mailings Exploiting Legitimate Platforms: Kaspersky experts uncovered tactics abusing features like OpenAI's organization creation to send spam from legitimate addresses, tricking users into clicking scam links. Additionally, a calendar-based phishing scheme from the late 2010s resurfaced, targeting corporate users.
  • Refining Tactics in Business Email Compromise (BEC) Attacks: In 2025, attackers enhanced their persuasiveness by incorporating fake forwarded emails into correspondence, lacking thread-index headers to make verification difficult.

Expert Insights and Recommendations

Roman Dedenok, an anti-spam expert at Kaspersky, commented, "Email phishing shouldn’t be underestimated. Our report reveals that one in ten business attacks starts with phishing, with a significant proportion being Advanced Persistent Threats (APTs). In 2025, we saw an increase in the sophistication of targeted email attacks. Even the smallest details are meticulously crafted, including sender addresses and content tailored to real corporate events. The commodification of generative AI has significantly amplified this threat, enabling attackers to craft convincing, personalized phishing messages at scale with minimal effort."

To stay safe, Kaspersky recommends:

  1. Treat unsolicited invitations from any platform with suspicion, even if they appear from trusted sources.
  2. Carefully inspect URLs before clicking.
  3. Avoid calling phone numbers in suspicious emails; instead, find official numbers on service webpages.
  4. For corporate users, implement solutions like Kaspersky Security for Mail Server with multi-layered defense mechanisms powered by machine learning.
  5. Ensure all employee devices, including smartphones, have robust security software.
  6. Conduct regular training on modern phishing tactics.