Kaspersky: 15% growth in malicious email attacks in 2025

Editor’s note: In crypto and fintech security, email remains a critical attack vector. The 2025 Kaspersky findings show a sharp rise in malicious and potentially unwanted emails, with spam accounting for nearly half of global traffic and millions of dangerous attachments hitting users. For crypto firms and investors, these trends mean more phishing, more BEC attempts, and combined-channel scams that blend email with messaging apps and even legitimate-looking services. This editorial summarizes the implications and directs attention to the press release’s key points, which detail where threats are coming from, how attackers adapt, and practical defenses for the year ahead.

Key points

44.99% of global email traffic was spam in 2025.

Over 144 million malicious and potentially unwanted email attachments.

APAC led detections at 30%, Europe 21%, with China 14% among top countries.

Detections peaked in June, July and November.

Trends include cross-channel scams, evasion techniques, platform abuse, and refined BEC tactics.

Why this matters

Kaspersky’s 2025 telemetry shows 44.99% of global email traffic was spam, with 144 million malicious attachments and APAC leading detections, underscoring rising phishing risks.

Attackers increasingly blend email with other channels, employ advanced disguises, and imitate legitimate services, creating risk for crypto platforms and users alike. Staying ahead requires awareness, user training, and layered security measures.

What to watch next

Monitor cross-channel phishing and fraudulent outreach patterns.

Watch for increased use of legitimate platforms to send spam and scams.

Be vigilant for refined BEC tactics and fake email threads.

Strengthen phishing awareness and security controls across organizations.

Disclosure: The content below is a press release provided by the company/PR representative. It is published for informational purposes.

Kaspersky reports 15% growth in malicious email attacks in 2025

12 February 2026

According to Kaspersky telemetry, almost every second email – 44.99% of global traffic – was spam in 2025. Spam consists not only of unsolicited emails, but can also include various email threats such as scam, phishing and malware. In 2025, individuals and corporate users encountered over 144 million malicious and potentially unwanted email attachments, representing a 15% increase compared to the previous year figures.

In 2025, APAC had the largest share of email antivirus detections: it reached 30%, followed by Europe with 21%. Next came Latin America (16%) and the Middle East (15%), Russia and CIS (12%) and Africa (6%). As for individual countries, China had the highest rate of malicious and potentially unwanted email attachments, with the share of email antivirus detections of 14%. Russia ranked second (11%), followed by Mexico (8%), Spain (8%) and Turkey (5%).

Email antivirus detections peaked moderately in June, July and November.

Key trends in email spam and phishing

Kaspersky’s annual analysis has also identified several persistent trends in the email spam and phishing threat landscape that are expected to continue into 2026:

Combination of various communication channels. Attackers lure email users into switching to messengers or calling fraudulent phone numbers. For instance, scam investment mailings may redirect victims to fake websites, where they are asked to provide their contact information, and then cybercriminals will follow up with a phone call.

Usage of diverse evasion techniques in phishing and malicious emails. Threat actors frequently try to disguise phishing URLs, for example, with the help of link protection services and QR codes. These QR codes are often embedded directly in email bodies or within PDF attachments, which not only conceals phishing links but also encourages users to scan them on mobile devices, potentially exploiting weaker security measures than corporate PCs.

Mailings exploiting diverse legitimate platforms. For example, Kaspersky experts discovered a fraudulent tactic that abuses OpenAI’s organization creation and team invitation features to send spam emails from legitimate OpenAI addresses, potentially tricking users into clicking scam links or dialing fraudulent phone numbers. Additionally, a calendar-based phishing scheme, which originated in the late 2010s, resurfaced last year with a focus on corporate users.

Refining tactics in business email compromise (BEC) attacks. In 2025 attackers attempted to become even more persuasive by incorporating fake forwarded emails into their correspondence. These emails lacked thread-index headers or other headers, making it difficult to verify their legitimacy within an email conversation.

Email phishing shouldn’t be underestimated. Our report reveals that one in ten business attacks starts with phishing, with a significant proportion being Advanced Persistent Threats (APTs). In 2025, we saw an increase in the sophistication of targeted email attacks. Even the smallest details are meticulously crafted in these malicious campaigns, including the composition of sender addresses and the tailoring of content to real corporate events and processes. The commodification of generative AI has significantly amplified this threat, enabling attackers to craft convincing, personalized phishing messages at scale with minimal effort, automatically adapting tone, language and context to specific targets,

To learn more about spam and phishing threat landscape, visit securelist.com.

To stay safe, Kaspersky recommends:

Treat unsolicited invitations from any platform with suspicion, even if they appear to come from trusted sources.

Carefully inspect URLs before clicking.

Do not call any phone numbers indicated in suspicious emails – if you need to call support of a certain service, it is best to find the phone number on the official webpage of this service.

For corporate users, Kaspersky Security for Mail Server with its multi-layered defense mechanisms powered by machine learning algorithms provides robust protection against a wide range of evolving threats and offers peace of mind to businesses in the face of evolving cyber risks.

Ensure all employee devices, including smartphones, are equipped with robust security software.

Conduct regular training on modern phishing tactics.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company’s comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and nearly 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

This article was originally published as Kaspersky: 15% growth in malicious email attacks in 2025 on Crypto Breaking News – your trusted source for crypto news, Bitcoin news, and blockchain updates.