Malware Attackers Are Disguising Themselves As Popular Apps To Trick Small Businesses

While nobody is exempt, small businesses face a very specific kind of threat when it comes to malware and cyber attacks. This is due to the fact that there are less protection systems and mechanisms in place.

Limited budgets means limited protection measures, and that is why from January to April this year, Kaspersky solutions found that there were 33,352 attacks on small business users where malware or unwanted apps for PCs were disguised as five popular AI services. This number is almost five more than it was the previous year.

ChatGPT had the highest number at 41.99%, compared to 36.13% in 2025, but the biggest jump from last year to this year was from Claude, who experienced an entire 12% increase.

The research says Trojware (Trojans and Trojan-like malware), which is malware that disguises itself as harmless files as a way to convince users to download it, was identified as one of the biggest threats.

Communication Platforms Are Also A Threat

The report says that from January to April this year, Kaspersky solutions blocked 414,736 attacks on small business users where malicious software or PUAs for PCs were disguised as the popular communication apps that Kaspersky’s report looked at. The app with the highest amount of attacks was Telegram with 47.97% of the attacks coming from there. Telegram also had the biggest jump compared to last year, with the number having gone from 24.35%, which is about 23% more.

Also, more than 24,000 attacks were detected from January to April 2026 where malware or PUAs for PCs were disguised as specific office applications. Microsoft Outlook was the main culprit, according to the report.

Interestingly, though, the number was higher last year than it was this year for the work communication platform. Last year, the number was at 45.88% and this year: 37.85%. This does not mean businesses should not still stay cautious.

“In the first four months of this year, we detected hundreds of attacks targeting SMBs in which malicious or unwanted software was disguised as OpenClaw. As employees increasingly use AI services and other publicly accessible tools in their daily workflows, cybercriminals are finding new opportunities to exploit that demand. That’s why security today has to be about more than simply blocking threats.

“It should combine robust protection with practical guidance, user awareness and expert support to help organisations make informed decisions and stay resilient. This is where trusted partners, MSPs and security specialists play a vital role, enabling businesses to adopt new technologies safely without adding unnecessary complexity,” says Anna Papla, UK and Ireland Territory Channel Manager at Kaspersky.

For added context, here’s the full list of applications that Kaspersky looked when conducting this research:

AI Services

ChatGPT
Claude
DeepSeek
Gemini
Grok

Communication Services

Telegram
WhatsApp
Zoom
MicrosoftTeams

Office Communication Services

Microsoft Outlook
Microsoft
PowerPoint
Microsoft Excel
Microsoft Word
Figma
Google Drive

Action Plan For Small Businesses To Stay Safe

After International SMB Day on 27 June, Kaspersky released this data to remind small businesses how important it is to stay protected.

The company also gave SMBs a cybersecurity plan to use. Small measures like these really make a huge difference when it comes to staying safe:
 

1. Make sure your business has access rules when it comes to log ins, shared folders, digital services, etc.
2. Data should always be backed up
3. Create strict rules around using external services and tools
4. Make employees aware of how to detect and report threats
5. Find and use specialised cybersecurity solutions that fit your business needs
6. Stay protected from email threats that disguise themselves as legitimate messages