Three toll collection services, SunPass, E-ZPass, and EZDrive Massachusetts, appeared in the top 10 most targeted brands by cybercriminals.

The top 10 most imitated brands in Q1 2025 are: Steam, Microsoft, Facebook/Meta, Roblox, SunPass, E-ZPass, USPS, EZDrive Massachusetts, Netflix, and WeTransfer.

Organisations with fewer than 100 mailboxes experience up to 7.5x more missed phishing attacks than large enterprises.

Secure Email Gateways (SEGs) are missing an average of 67.5 phishing emails per 100 mailboxes every month. This analysis is based on actual phishing emails that bypassed SEG defences and were detected by the IRONSCALES email security platform.

Over 65% of missed phishing emails across SEGs are vendor scams and credential theft.

Each missed phishing email takes 27.5 minutes of analyst time

49% of SMBs believe AI will be most useful in flagging phishing emails and texts.

Each missed phishing email costs an average of $36.29 to investigate and remediate.

Phishing texts and emails (48%) were a common cyber disruption faced by SMBs in the past 12 months.

SEG miss rates range from 38.4 to 101 phishing emails per 100 mailboxes monthly.

64% of phishing attacks are focused on engineering roles.

81.9% of phishing victims had their emails leaked in previous breaches.

The most common third-party platforms used for phishing were: • sendgrid.com • salesforce.com • amazonaws.com • sendlayer.com • mailgun.com • marketo.com.

On average, phishing emails contained 1058 characters (~188 words)

New starters typically received a phishing email after 3 weeks.

Job application-related phishing attacks are not only sent to individual accounts (24%) but also shared mailboxes (52%) and individual inboxes with activated delegate functions (21%) (e.g. a personal assistant has access to an executive’s inbox).

Between September 15, 2024 and February 14, 2025, there was a 11.1% incease in phishing emails sent from compromised email addresses within the supply chain.

Between September 15, 2024 and February 14, 2025, there was a 67.4% incease in the use of third-party platforms for phishing emails.

There has been a 57.9% increase in phishing attacks being sent from compromised accounts getting through traditional detection.

The top three words used in phishing emails: Urgent, Review, Sign.