Fifty percent of affected consumers cite immediate financial fraud as their primary fear, and 54 percent of consumers report an increase in targeted phishing attempts after a breach (2025)

Eighty-eight percent of consumers who received a data breach notice experience at least one negative consequence after a breach; 40 percent experience an increase in phishing or scam attempts; 49 percent experience an increase in spam emails or robocalls; 40 percent experience attempted takeover of an existing account (2025)

77% of advanced email attacks failed SPF, DKIM, or DMARC authentication yet still reached inboxes.

Approximately 45% of advanced email attacks showed indicators of AI assistance, projected to rise to 75–95% within the next 18 months

77% of advanced email attacks impersonated business-critical brands such as DocuSign, Microsoft, and Google.

Clicks on phishing links decreased by 27%, from 119 per 10,000 users last year to 87 per 10,000 users this year.

In 2025, obfuscations to hide URLs from detection were seen in 48% of phishing attacks.

In 2025, attacks bypassing multifactor authentication (MFA) were reported in 48% of phishing attacks.

In 2025, malicious QR codes were observed in 19% of phishing attacks.

In 2025, malicious attachments were present in 18% of phishing attacks.

In 2025, attacks leveraging generative AI were reported in 10% of phishing attacks.

The number of known phishing kits doubled during 2025, reaching a significant increase in active use.

In 2025, the use of 'Blob URIs' was noted in 2% of phishing attacks.

In 2025, 'ClickFix' social engineering techniques were used in 1% of phishing attacks.

100% of advanced email threats bypassed incumbent email security, including Microsoft E3/E5 and leading secure email gateways.

87 out of every 10,000 users clicked on a phishing link each month in 2025.

In 2025, 'polymorphic' attacks that varied the email header, body, and destination were seen in 20% of phishing attacks.

In late 2025, there were 10 million Mamba 2FA phishing attacks recorded.

In 2025, 90% of high-volume phishing campaigns utilized Phishing-as-a-Service (PhaaS) kits.

DocuSign accounted for more than 20% of all advanced email attacks analyzed.