Search
Close this search box.
Thu, Jul 2, 2026

Cyberattacks on SMBs disguised as AI services surged by five times in 2026

Cyberattacks on SMBs disguised as AI services surged by five times in 2026

ISLAMABAD: From January to April 2026, Kaspersky security solutions detected more than 33,300 attacks on small and medium-sized businesses (SMBs), in which malicious or unwanted software for PCs was disguised as popular artificial intelligence (AI) services. This number has surged by almost five times when compared to the same period in 2025.

A new Kaspersky report reveals threat analysis and mitigation strategies to help SMBs protect themselves against the evolving threat landscape.

At the beginning of 2026, the most common lures in cyberattacks involved malware posing as ChatGPT (42%), Claude (24%), and DeepSeek (20%).

Share of attacks targeting SMBs in which malware or unwanted software mimic the five popular, legitimate AI apps that Kaspersky’s research focuses on, first four months of 2025 and 2026

Among unique malicious files detected in the SMB sector and masqueraded as AI services, Kaspersky experts observed mainly different Trojanware (Trojans and Trojan-like malware), including those capable of downloading and running other malware on compromised devices.

Trojware disguises itself as harmless files to trick users into installing them. Their functionality may vary depending on the type of malware.

It may include stealing, deleting, blocking, modifying, or copying users’ data, as well as other malicious capabilities. Given this, Trojanware represents a highly dangerous cyberthreat to entrepreneurs and businesses.

However, in 2026 Kaspersky telemetry detected even more attacks on SMBs, in which malicious or unwanted software for PCs was disguised as messenger apps and video conferencing software: Telegram, WhatsApp, Zoom and Microsoft Teams.

From January to April, Kaspersky solutions blocked almost 415,000 such attacks. The number of attacks changed marginally compared to the previous year’s figures.

“The threat landscape is evolving with new lures constantly appearing. Corporate employees are increasingly using various AI services and other tools in their workflows, including those that are publicly available.

Thus, to be on the safe side, SMB employees – as well as all users – should exercise caution when looking for software on the internet. Always check the correct spelling of the website and links in suspicious emails, and use robust security solutions,” says Vasily Kolesnikov, security expert at Kaspersky.

“As adversaries constantly refine their methods to exploit human error, the need for up-to-date security awareness training for businesses of all kinds and sizes is undeniable.

However, the reality is that micro-organizations often struggle to allocate time and budget to regularly update their staff on the latest threats and malicious trends. We believe this issue can be largely addressed through solutions tailored for small businesses that deliver robust core protection while also providing accessible security education,” adds Rodion Pyanov, product manager, Kaspersky Small Office Security.

To protect your business from cyberthreats, SMBs should look for solutions that fit their budget, size, and industry requirements, with an emphasis on scalability and ease of integration.

For instance, Kaspersky Small Office Security Premium is an easy-to-use solution that protects from advanced threats and also provides access to security awareness training for employees, making it ideal for micro-businesses.

Meanwhile, small and medium-sized enterprises with more mature IT expertise should consider Kaspersky Next Optimum, which is designed specifically for growing organizations and offers real-time protection, threat visibility, as well as investigation and response capabilities of EDR and XDR.

For teams lacking cybersecurity personnel and the bandwidth for 24/7 monitoring, a managed approach can be invaluable. Kaspersky MDR, an expert-led service, provides round-the-clock capabilities for the entire incident management cycle – from threat detection to continuous protection and remediation.

Read the full report on the SMB threat landscape at Securelist.com.

ALSO READ:

Trusted source for the latest news in Pakistan and global affairs, covering politics,  business, and more.

Contact usPrivacy Policy

Copyright © 2024 Daily Ausaf. All Rights Reserved