Attacks involving malware masquerading as widely used software and services have impacted nearly 8,500 small and medium-sized business users during the first four months of 2025, GBHackers News reports.
Most impersonated in such intrusions was the video-conferencing platform Zoom, which accounted for 41% of all malicious files spread between January and April, according to a report from Kaspersky. While Microsoft Outlook and PowerPoint were the next most spoofed programs, accounting for 16% each of the identified files, OpenAI's ChatGPT artificial intelligence chatbot had the greatest increase in nefarious files at 115%. Additional findings showed three and one percentage point increases in malicious files impersonating Microsoft Teams and Google Drive. Increasingly sophisticated phishing attacks have also been launched against SMBs, with the emergence of Google business account- and banking service-spoofing pages. Such threats should prompt SMBs to bolster their cybersecurity defenses through multi-factor authentication, endpoint security software, data backups, robust access controls, and phishing training programs for employees.
Most impersonated in such intrusions was the video-conferencing platform Zoom, which accounted for 41% of all malicious files spread between January and April, according to a report from Kaspersky. While Microsoft Outlook and PowerPoint were the next most spoofed programs, accounting for 16% each of the identified files, OpenAI's ChatGPT artificial intelligence chatbot had the greatest increase in nefarious files at 115%. Additional findings showed three and one percentage point increases in malicious files impersonating Microsoft Teams and Google Drive. Increasingly sophisticated phishing attacks have also been launched against SMBs, with the emergence of Google business account- and banking service-spoofing pages. Such threats should prompt SMBs to bolster their cybersecurity defenses through multi-factor authentication, endpoint security software, data backups, robust access controls, and phishing training programs for employees.
