Over the past four months, 20 distinct phishing clusters were identified based on shared infrastructure fingerprints.

Meta was mentioned 10,267 times, accounting for 42% of all brand impersonation tracked.

The mean DNS resolution rate for phishing operators was 96.16%, indicating high availability and minimal downtime.

80% of phishing attempts analyzed by Darktrace in 2024 impersonated Amazon.

Phishing scams increased by 118% during Thanksgiving.

55% of people receive scam text messages weekly.

77% of Chief Information Security Officers identified AI-generated phishing as a serious and emerging threat in 2025

Phishing attacks rose by 21% in 2025

There is a 14% increase in phishing scams around Christmas.

27% of people are targeted by scam text messages daily.

There was a 229% spike in phishing scams on Black Friday.

Phishing activity overall increased by 128% during the 2025 holiday period compared to the 2024 holiday period.

71% of Japanese respondents identified phishing as the top threat facing their organization, significantly higher than the global average.

66% of simulated phishing emails utilized domain spoofing techniques.

70% of simulated landing page interactions involve branded content.

Phone-based vishing attacks increased by 449% in 2025 compared to 2024, with phone numbers appearing as the sole payload in 5.5% of phishing emails.

82% of the top 20 clicked links in simulated phishing emails came from internally themed simulations between July 1, 2025, and September 30, 2025.

In 2025, cybercriminals increased their abuse of legitimate platforms like QuickBooks, Zoom, SharePoint, and PayPal by 67% year-to-date.

25% of branded content interactions in simulated phishing emails involved Microsoft between July 1, 2025, and September 30, 2025.

90% of the most-clicked subject lines in simulated phishing emails reference internal topics.