Cybercriminals are exploiting the growing popularity of artificial intelligence (AI) tools to target small and medium-sized Enterprises (SMEs), with malware attacks disguised as AI services rising nearly five times in 2026, according to a new report by Kaspersky, a cybersecurity firm.

The report revealed that between January and April 2026, Kaspersky detected more than 33,300 attacks targeting small and medium-sized Businesses where malicious or unwanted computer software was disguised as popular AI applications. This represents a sharp increase compared with the same period in 2025.

As businesses integrate AI tools into daily operations for productivity, automation, and content creation, cybercriminals are also using the trust around these platforms to trick employees into downloading harmful software.

Kaspersky found that the most common AI brands used as disguises in these attacks included ChatGPT, Claude, and DeepSeek. Fake versions of these tools were used as bait to deliver malware to business devices.

The cybersecurity company stated that many of the detected threats were Trojan-based malware, which often appear as legitimate applications but can secretly steal data, modify files, or install additional malicious programs once they gain access to a device. 

Beyond AI platforms, attackers also continued to exploit trusted workplace applications. Kaspersky reported that almost 415,000 attacks between January and April 2026 involved malware disguised as communication and collaboration tools, including messaging and video conferencing applications, Kaspersky stated.

 

They warned that the shift reflects how cybercriminals are adapting their methods to follow technology trends and target user behaviour.

“Employees are increasingly using AI services and other publicly available tools in their workflows,” Kaspersky said, noting that attackers are taking advantage of this demand by creating fake versions of popular services.

Kaspersky advised SMEs to verify software sources, avoid downloading applications from untrusted websites, check website addresses carefully, and strengthen cybersecurity awareness among employees. 

 

More from our Technology Column

Folake Balogun is a technology journalist covering Africa’s digital economy, with a focus on startups, fintechs, venture capital, artificial intelligence, and emerging technologies. Her work explores the intersection of technology, business, and society, highlighting how innovation is reshaping industries and everyday life across Africa and global markets. She translates complex trends into insightful and impactful stories for a wider audience.

Join BusinessDay whatsapp Channel, to stay up to date

Open In Whatsapp