Spam and Phishing Surge: Mail.ru Blocks Nearly 30 Billion Malicious Emails in 2025

A Growing Threat Landscape

Mail.ru’s anti-spam and anti-phishing systems, part of VK’s digital ecosystem, prevented the delivery of nearly 29.6 billion unwanted emails in 2025 — an average of around 90 million blocked messages per day. The rising volume reflects broader global trends in cybercrime and increasing pressure on email security infrastructure.

The most intense period occurred between October and December 2025, when 7.3 billion malicious messages were blocked. That represents a 35% increase compared with the same period in 2024. The dominant attack patterns included mass phishing campaigns using malicious .cab attachments, fraudulent investment offers, and emails impersonating official notifications from government agencies.

These figures illustrate not only the scale of threats facing Russia’s email ecosystem, but also the effectiveness of locally developed filtering technologies. Publishing such data helps raise public awareness of email-based risks, strengthens trust in domestic security systems, and can reduce the success rate of phishing attacks.

Technology Strategy and User Protection

Mail.ru’s development strategy is focused on advancing machine-learning models capable of detecting new and evolving phishing techniques. One area under consideration is deeper integration with trusted services, including government and banking notification systems, to improve filtering accuracy and reduce false positives.

Between 2026 and 2030, the company expects broader deployment of AI-driven content analysis tools that can proactively identify threats in real time. These technologies are designed to integrate with corporate and government cybersecurity platforms, extending protection to enterprise and public-sector email systems.

For end users, these improvements translate into fewer malicious messages reaching inboxes, lower exposure to fraud, and a smoother email experience. Internally, the technology roadmap also includes cybersecurity awareness initiatives focused on email hygiene, helping users recognize and avoid common attack techniques.

At the same time, risks remain. Phishing campaigns are becoming more sophisticated, increasingly incorporating AI-generated content. Maintaining effective defenses will require constant algorithm updates and careful attention to regulatory requirements governing personal data processing.

How Russia’s Email Security Compares Globally

In the first half of 2025, Mail.ru blocked more than 13.7 billion unwanted emails, a 5% increase year over year. Investment scams accounted for 40% of spam traffic, while fake lotteries, online casinos, and spoofed messages from banks, retailers, and marketplaces made up 32%.

Global data shows similar pressure across markets. According to the Anti-Phishing Working Group (APWG), 1,003,924 phishing attacks were recorded worldwide in the first quarter of 2025 — the highest level since late 2023. Trends include increased targeting of online payments and financial services, greater use of QR codes, and growth in business email compromise (BEC) attacks.

While the exponential growth of cyber threats targeting Russian companies over the past three years has slowed somewhat, risks remain extremely high. Ransomware, sabotage, espionage, malware, and online fraud continue to pose serious dangers. Attacks are becoming more sophisticated, and their success can lead to multimillion-dollar losses, data theft, and reputational damage for both businesses and everyday users. Identifying vulnerabilities before attackers do is critical.

Valery Baulin

CEO of cybersecurity firm F6

Kaspersky reports that spam represented 47.27% of global email traffic in 2024, while its anti-phishing systems blocked more than 893 million attempts to follow malicious links. Research by Positive Technologies shows phishing attacks rose 33% in 2024 compared with 2023, and 72% compared with 2022.

AI at the Core of Cyber Defense

Blocking nearly 30 billion malicious emails in a single year highlights the critical role of artificial intelligence in modern email security. Analysts expect continued investment in real-time traffic analysis, predictive risk modeling, and self-learning systems capable of adapting to new attack scenarios.

If current effectiveness levels are maintained, Russian anti-spam and email security technologies could become viable export products, particularly for CIS countries and emerging digital economies. Reliable email filtering is increasingly viewed as a core component of national digital security strategies.