AI-Themed Cyberattacks on Small Businesses Rise Sharply in 2026, Kaspersky Says

4 Min Read

ISLAMABAD: Cyberattacks on SMBs disguised as AI services rose sharply in the first four months of 2026, with Kaspersky reporting more than 33,300 detections targeting small and medium-sized businesses through malicious or unwanted software posing as popular artificial intelligence tools.

According to the cybersecurity firm, the number of such attacks from January to April 2026 was almost five times higher than during the same period in 2025. The findings highlight growing risks for smaller businesses as employees increasingly use publicly available AI platforms in daily workflows.

Kaspersky said the most common AI-related lures at the start of 2026 involved malware or unwanted software disguised as ChatGPT, which accounted for 42 percent of detected attacks. Claude accounted for 24 percent, while DeepSeek made up 20 percent of the attacks analyzed in the report.

The company said its researchers also found malicious files in the SMB sector posing as AI services. Many of these files were classified as Trojware, including Trojans and Trojan-like malware capable of downloading and running additional malicious software on compromised devices.

Trojware is designed to appear as harmless files so users are tricked into installing it. Once active, it can perform several harmful actions, including stealing, deleting, blocking, modifying or copying data, depending on the malware type.

Messenger and video app lures remain a major threat

Kaspersky said AI-themed threats were not the only risk facing small and medium-sized businesses. From January to April 2026, its security solutions blocked nearly 415,000 attacks in which malicious or unwanted software for PCs was disguised as messenger apps and video conferencing tools.

The apps used as lures included Telegram, WhatsApp, Zoom and Microsoft Teams. Kaspersky said the total number of such attacks changed only marginally compared with the same period in the previous year.

Vasily Kolesnikov, a security expert at Kaspersky, said threat actors continue to adapt their methods as new digital tools become popular in workplaces.

“The threat landscape is evolving with new lures constantly appearing. Corporate employees are increasingly using various AI services and other tools in their workflows, including those that are publicly available,” Kolesnikov said.

He advised users to be cautious when downloading software online, check website spellings and links in suspicious emails, and use reliable security solutions.

Rodion Pyanov, product manager for Kaspersky Small Office Security, said cybercriminals continue to exploit human error, making security awareness training important for organizations of all sizes.

He said smaller organizations often struggle to allocate time and resources for regular cybersecurity training, adding that tailored security tools can help provide core protection along with accessible employee education.

Kaspersky said SMBs should choose cybersecurity solutions based on their budget, size and industry needs, with attention to scalability and ease of integration. The company also said businesses without dedicated cybersecurity personnel may benefit from managed detection and response services that provide continuous monitoring, threat detection and remediation support.

Also Read: Fake Football World Cup Websites Surge, Kaspersky Warns Fans of Cyber Scams

Share This Article