SPAM and phishing in 2025 shows a sustained global burden, with 99% of all emails worldwide and 43.27% of all emails in the Russian web segment classified as spam, and 554,002,207 attempts to follow fraudulent links blocked by Kaspersky, alongside 144,722,674 malicious attachments detected.
The report highlights a year of broad phishing activity across entertainment, government services, Know Your Customer processes, messaging apps, and OpenAI/Game/Crypto-themed scams, with threats leveraging Google services, YouTube notifications, and QR codes to bypass filters. It notes that the Runet segment saw a sharper decline in spam shares than the global average, while malicious attachments remained heavily focused on families such as Makoob, Badun and Taskun.
In addition to mass campaigns, spear phishing, BEC and multi‑stage attacks continued to evolve, with attackers increasingly impersonating brands, government portals and industrial firms to harvest credentials and personal data. According to Kaspersky, the threat landscape in 2025 emphasised the ongoing value of messaging app credentials and the growing abuse of legitimate tools and multi‑stage schemes to deceive users.