Overview

• Kaspersky’s products blocked over 142 million phishing-link clicks in Q2 2025, marking a 3.3% rise from the previous quarter.
• Attackers are leveraging large language models and AI-powered OSINT tools to aggregate open-source data and craft hyper-personalized messages without grammatical errors.
• Threat actors are deploying deepfake audio and video to impersonate colleagues, bank officials and celebrities in order to steal MFA codes, voiceprints and other immutable identifiers.
• Scammers have begun hijacking legitimate platforms such as Google Translate and Telegraph to host malicious content that evades traditional security filters.
• Experts recommend limiting publicly shared work-related information, verifying unexpected communications through separate channels and never disclosing one-time passwords.