45% of global emails in 2025 was spam, says Kaspersky - BusinessMirror

Fle photo shows a sign above the headquarters of Kaspersky Lab in Moscow. ALMOST half of the emails received globally last year was spam, with malicious email attachments surging 15 percent to over 144 million detections, according to a new report by cybersecurity firm Kaspersky. Kaspersky telemetry showed that 44.99 percent of global email traffic in 2025 consisted of spam—a category that includes not just unsolicited messages but also scam, phishing, and malware-laden emails. “Email phishing shouldn’t be underestimated. Our report reveals that one in 10 business attacks starts with phishing, with a significant proportion being Advanced Persistent Threats,” said Roman Dedenok, anti-spam expert at Kaspersky. The Asia-Pacific region accounted for the largest share of email antivirus detections at 30 percent, ahead of Europe at 21 percent, Latin America at 16 percent, and the Middle East at 15 percent. China led among individual countries with 14 percent of detections, followed by Russia at 11 percent, Mexico and Spain at 8 percent each, and Turkey at 5 percent. Detections peaked in June, July, and November. “In 2025, we saw an increase in the sophistication of targeted email attacks. Even the smallest details are meticulously crafted in these malicious campaigns, including the composition of sender addresses and the tailoring of content to real corporate events and processes,” Dedenok said. Beyond sheer volume, Kaspersky flagged growing sophistication in how attackers craft and deliver malicious emails. Threat actors are increasingly combining channels—luring victims from email to messaging apps or fraudulent phone numbers—while using QR codes embedded in emails or PDF attachments to disguise phishing links and bypass corporate security filters. Kaspersky also documented abuses of legitimate platforms, including a tactic exploiting OpenAI’s team invitation feature to send scam emails from authentic OpenAI addresses. A calendar-based phishing scheme that first emerged in the late 2010s also resurfaced last year, this time targeting corporate users. In business email compromise attacks, fraudsters inserted fake forwarded emails into correspondence—stripped of thread-index headers that would normally help recipients verify authenticity. “The commodification of generative AI has significantly amplified this threat, enabling attackers to craft convincing, personalized phishing messages at scale with minimal effort,” Dedenok said. Dedenok advised users to treat unsolicited invitations with suspicion even when they appear to come from trusted sources, inspect URLs before clicking, and avoid calling phone numbers listed in suspicious emails—instead looking up contact details directly on a service’s official website. For businesses, the firm recommended regular employee training on phishing tactics and ensuring all devices, including smartphones, carry up-to-date security software. Image credits: AP/Pavel Golovkin About the author Sources regularly see Lorenz at telco and transport conferences. He graduated from the University of Santo Tomas, and has been covering the beat since 2013. He likes to featurize stories, and tries to find another angle for spot news. He travels during his spare time, and likes his coffee black -- no cream, no sugar. More from this author JUNE 24, 2026 Maya offers installment option for cardholders JUNE 24, 2026 Globe secures ₱5B term loan facility with BDO JUNE 23, 2026 AI firm upbeat on business prospects in PHL JUNE 23, 2026 Digital ID for local delivery riders launched JUNE 22, 2026 PLDT seeks SEC, PSE nod for Vitro maiden share sale Related Topics Asia-Pacificbusiness email compromiseCyberattackscybersecurityGenerative AIKasperskymalwarephishingQR code phishingspam emails Know More Know More 2 min PBBM ensures ‘non-partisan’ distribution of ₱1.32-T NTA Samuel P. MedenillaJune 24, 2026 Know More 4 min ‘Hiking rates to cure runaway inflation’ Andrea E. San JuanJune 24, 2026 Know More 2 min Smaller households now becoming new Pinoy norm Bless Aubrey OgerioJune 24, 2026