VK Workspace Protects Businesses: 421 Million Phishing and Spam Emails Blocked

Advanced Training of Anti-Spam Systems

The number of user spam complaints (clicks on the 'This is spam' button) decreased by 10%, demonstrating improved efficiency in filtering systems that now intercept malicious emails before they reach spam folders. Attackers frequently disguised emails as legitimate business correspondence, often mimicking logistics firms or government agencies. To increase credibility, phishing campaigns incorporated real brand names and official-style formatting.

The success of VK’s anti-fraud measures stems from intensive retraining of its machine learning–based spam filters. According to Anatoly Tutynin, Chief Information Security Officer at VK Tech, large-scale blocking highlights the effectiveness of VK’s internal ML and OCR-driven systems, emphasizing the vital importance of secure corporate email in an era of growing social engineering and targeted phishing attacks.

Reducing Data Leakage Risks

For the IT market, VK’s report confirms strong demand for domestic corporate email solutions equipped with AI-based anti-phishing mechanisms, domain reputation systems, and image OCR analysis. This surge is driving innovation among leading Russian cybersecurity providers, including Mail.ru, VK Tech, Kaspersky, and Group-IB.

For businesses, adopting protected email platforms offers a clear advantage: reduced risk of data breaches and lower costs for incident response. Meanwhile, regulators are using these figures to justify tightening requirements for securing corporate email in critical industries and government bodies — and to promote the use of certified solutions. Still, adversaries are evolving quickly, employing AI and complex social engineering techniques, making continuous ML model retraining and cross-provider threat intelligence sharing essential.

“Group-IB has played a key role in the global fight against cybercrime, participating in eight large-scale law enforcement operations across more than 60 countries. These efforts led to the arrest of 1,221 cybercriminals and the dismantling of over 207,000 malicious infrastructures. Such operations underscore the vital importance of cooperation between private cybersecurity firms and international law enforcement in disrupting global cybercrime networks.”

Dmitry Volkov

CEO of Group-IB

Unprecedented Threat Levels

The latest data shows a sharp rise in spam and phishing volume, as well as in the sophistication of malicious campaigns. In Q3 2025, Mail.ru blocked over 7.6 billion spam messages and took down more than 4,500 domains distributing unwanted content.

According to Kaspersky’s Securelist report (June 2025), between January and April, around 8,500 small and medium-sized businesses suffered malware attacks where malicious code was disguised as legitimate software tools. Threat actors most often impersonated Zoom (41% of unique malicious files, up 14% year-over-year), followed by Microsoft Office apps such as Outlook and PowerPoint (16% each), Excel (12%), Word (9%), and Teams (5%). Fake AI utilities are on the rise too: malware disguised as ChatGPT grew by 115% year-over-year.

Group-IB’s participation in eight major law enforcement operations across 60 countries led to 1,221 arrests and the dismantling of more than 207,000 malicious infrastructures.

Globally, phishing and scam tactics are evolving — including the use of AI-generated deepfakes and voice cloning — often distributed through trusted platforms like Telegram and Google Translate to evade detection.

The Shift Toward Certified Solutions

Email remains the primary vector for social engineering attacks. Protection strategies are evolving toward a comprehensive defense stack that combines ML/AI algorithms, domain reputation databases, and OCR-based visual scanning. Collaboration and competition among email service providers, antivirus vendors, and cyber threat intelligence (CTI) companies are essential for defending against adaptive adversaries.

Over the next one to two years, phishing attacks are expected to become more targeted and AI-driven, pushing providers to invest in automated analysis and machine learning infrastructure. Stricter email security certification and logging standards are likely, especially for SMBs and the public sector, which are rapidly transitioning to managed and certified corporate email solutions — creating opportunities for both Russian and global security vendors.