SME scams multiply in recent times, among false versions of chatgpt, teams and office that represent an entrance door for cybercriminals.
In fact, 2025 marked a qualitative and quantitative leap in computer fraud against Italian small and medium -sized enterprises.
SMEs in the sights of the new digital scams
According to the data released by Kaspersky, almost 8,500 SMEs ended up in the sights of attacks based on software disguised by everyday applications.
No longer only fake invoices via email or suspicious links, but digital copies almost perfect of work tools and artificial intelligence. This tries again that the scammers act in a transversal way: in their sights the most fragile subjects end, such as elderly and disabled, but also companies.
Chatgpt, the chatbot par excellence, was transformed into a bait: 177 malicious files in the first four months of the year, with an increase of 115% compared to 2024. No less aggressive the dynamic on Deepseek, which despite having been launched much later has already recorded 83 infected versions.
Remote work and collaboration platforms are under siege: Zoom, Microsoft 365 and Google Drive remain the privileged targets of the hackers, with a record growth of malicious imitations.
Kaspersky’s study examined 12 online applications, identifying the hunting land in the productivity systems preferred by hackers:
- Zoom, +13% of fake files in 2025 (1,652 cases);
- Teams, doubling the imitations (+100%, 206 cases);
- Google Drive, +12% (132 cases).
The strategy is clear: hit where the SMEs are more vulnerable, that is, in the platforms on which the work is held remotely and daily collaboration.
The new frontier of digital fraud is intelligent phishing: personalized spam generated by artificial intelligence that promises businesses to businesses but hides sophisticated traps.
The evolution of cyberc crime is not limited to malware. 2025 introduced a new tool: the use of generative linguistic models to pack credible and personalized phishing emails.
No more messages full of grammatical errors, but corporate automation offers, rapid loans, reputational management or lead generation built with an almost indistinguishable style from that of a reliable supplier. A silent threat, made more difficult to recognize precisely because it sewn on the perceived needs of companies.
The cost of cybersicity
An investigation conducted by Mastercard on 1,800 European entrepreneurs highlights an even more alarming picture. Almost one in four entrepreneur said he had been the victim of digital fraud. In Italy, 11% recorded direct economic losses, while 9% lost customers due to attacks or data escapes.
These are not only isolated accidents, but a brake on growth: almost half of entrepreneurs admits to postpone expansion plans for fear of scams. And more than half of Italian entrepreneurs admits that they do not know how to defend their data and systems from online threats.
The main node remains human capital: 51% of Italian entrepreneurs confess they do not know how to protect their business, a percentage even higher than the European average (47%).
The awareness of the problem, however, grows: three quarters of the Italian SMEs declare that they want to improve the formation on cybersicacy. But without structured programs and without institutional support, this intention risks staying on paper.
Risk for the European economy
It is a systemic risk for the European economy, since SMEs represent 99% of the entrepreneurial fabric of the continent and guarantee a three -quarter employment of the continent workforce. An attack on this production base is not just a problem of individual companies: it is a systemic threat.
Despite having highlighted different facets of the problem, Kaspersky and Mastercard analyzes converge in the same direction: without digital safety, training and defense tools, Europe risks transforming themselves into the paradise of digital scammers.
