Nearly one in two emails—44.99% of global traffic—consisted of spam in 2025, according to a report issued by global cybersecurity and digital privacy company Kaspersky.
Spam refers not only to unsolicited emails, but can also include various email threats such as scam, phishing and malware. In 2025, individuals and corporate users encountered over 144 million malicious and potentially unwanted email attachments, representing a 15% increase compared to the previous year’s figures, said Kaspersky in a statement.
According to the company, 2025 saw the Asia-Pacific region recording the largest share of email antivirus detections at 30%, followed by Europe with 21%. Next came Latin America (16%) and the Middle East (15%), Russia and CIS (12%) and Africa (6%). Among individual countries, China had the highest rate of malicious and potentially unwanted email attachments, 14%, followed by Russia, 11%, Mexico, 8%, Spain, 8%, and Turkey, 5%.
Email antivirus detections peaked moderately in June, July and November.
Kaspersky’s annual analysis has also identified several persistent trends in the email spam and phishing threat landscape that are expected to continue into 2026. Attackers lure email users into switching to messengers or calling fraudulent phone numbers. For instance, scam investment mailings may redirect victims to fake websites, where they are asked to provide their contact information, and then cybercriminals will follow up with a phone call.
Threat actors frequently try to disguise phishing URLs, for example, with the help of link protection services and QR codes. Kaspersky experts discovered a fraudulent tactic that abuses OpenAI’s organization creation and team invitation features to send spam emails from legitimate OpenAI addresses, potentially tricking users into clicking scam links or dialing fraudulent phone numbers. Additionally, a calendar-based phishing scheme, which originated in the late 2010s, resurfaced last year with a focus on corporate users. In 2025, attackers attempted to become even more persuasive by incorporating fake forwarded emails into their correspondence.
“Email phishing shouldn’t be underestimated. Our report reveals that one in 10 business attacks starts with phishing, with a significant proportion being Advanced Persistent Threats (APTs),” said Roman Dedenok, anti-spam expert at Kaspersky. “In 2025, we saw an increase in the sophistication of targeted email attacks. Even the smallest details are meticulously crafted in these malicious campaigns, including the composition of sender addresses and the tailoring of content to real corporate events and processes. The commodification of generative AI has significantly amplified this threat, enabling attackers to craft convincing, personalized phishing messages at scale with minimal effort, automatically adapting tone, language and context to specific targets,” he added.
To stay safe, Kaspersky recommends treating unsolicited invitations from any platform with suspicion, even if they appear to come from trusted sources. Carefully inspect URLs before clicking. Do not call any phone numbers indicated in suspicious emails.
To learn more about spam and phishing threat landscape, visit securelist.com.