Nearly 50 million web threats were detected and blocked by Kaspersky products used by computer users in India in 2025, according to data from Kaspersky Security Network (KSN). Between January and December 2025, Indian users faced a daily average of around 130,209 online threats, as detected by Kaspersky. This places India among the top 70 countries most at risk from increasing cyber threats.
Kaspersky, the global cybersecurity and digital privacy company, today revealed that nearly a quarter (24.7%) of Internet users in India faced web-based threats in 2025. Between January and December 2025, Kaspersky products detected and blocked 47,526,422 Internet-borne cyberthreats on users’ computers across the country.
On average, Indian users encountered approximately 130,209 web threats per day during the year. Globally, India ranked 62nd in terms of users affected by web-borne threats, according to data obtained and processed by Kaspersky Security Network (KSN).
According to KSN data, attacks delivered via browsers that exploit vulnerabilities in browsers and their plug-ins remain the primary method of online threats. File-less malware continued to be among the most dangerous forms of attack targeting internet users in India in 2025, as it operates in memory and leaves minimal traces on infected systems.
Globally, malicious email attacks grew by 15% in 2025. Kaspersky telemetry shows that nearly every second email worldwide was spam, including unsolicited messages as well as scam emails, phishing attempts, and malware. The APAC region recorded the highest percentage (30%) of antivirus detections in malicious emails and unwanted attachments.
Phishing and email attacks have also become more refined. Cybercriminals increasingly used evasion techniques such as disguising phishing URLs with the help of link protection services and QR codes. When scanned on mobile devices, these QR codes can expose users to exploitation.
“The cyberthreat landscape in India is maturing, with threat variants including phishing, botnets, network-spoofing, and exploits emerging to take advantage of online vulnerabilities faced by unsuspecting internet users. In 2025, we observed phishing campaigns increasingly combining multiple channels. Cybercriminals lured email users into switching to messengers or calling fraudulent phone numbers, where they were coerced into sharing personal information, which was then used for financial theft and blackmail. India also reported multiple cases of ‘digital arrest’ scams in 2025,” said Jaydeep Singh, General Manager for India at Kaspersky.
“We know that phishing and cyberfraud in online shopping peak during major sales and festive seasons, as these events provide predictable opportunities for attackers to scale user-focused campaigns. In 2025, we continued to strengthen consumer and corporate awareness initiatives around evolving threats and expanded our enterprise security offerings in India,” he added.
Kaspersky security experts recommend these cyber safety measures:
For Individual users:
-Do not download and install applications from untrusted sources.
– Do not click on any links from unknown sources or suspicious online advertisements.
– Always use two-factor authentication when available.
– Create strong and unique passwords, using a mix of lower-case and upper-case letters, numbers, and punctuation. Use a reliable password manager to help you remember them.
– Always install updates when they become available; they contain fixes for critical security issues.
– Ignore messages asking to disable security systems for the office or cybersecurity software.
– Use a robust security solution appropriate to your system type and devices, such as Kaspersky Premium
For Organizations:
– Always keep software updated on all the devices you use to prevent attackers from infiltrating your network by exploiting vulnerabilities.
– Do not expose remote desktop services (such as RDP) to public networks unless necessary, and always use strong passwords for them.
– Use solutions such as Kaspersky NEXT EDR Expert for comprehensive visibility across all endpoints on a company’s corporate network to get superior defence, automate routine EDR tasks, enable analysts to speedily hunt out, prioritize, investigate, and neutralize complex threats and APT-like attacks.
– Use the latest Threat Intelligence information to stay aware of actual TTPs used by threat actors.
– Back up the corporate data regularly. Backups should be isolated from the network. Make sure you can quickly access the backups in an emergency if needed.