The phishing hyperlink, malware, and social engineering payloads getting through traditional detection have surged, with phishing hyperlinks increasing by 36.8%, malware by 20%, and social engineering tactics by 14.2% compared to the previous six months.

Ransomware payloads in phishing attacks have risen by 22.6% over six months, with a sharp 57.5% increase in just three months.

76.4% of all phishing campaigns now use polymorphic phishing tactics.

In 2024, there was a 47% increase in phishing emails evading detection by Microsoft’s native security and secure email gateways.

82.6% of all phishing emails analysed exhibited some use of AI.

Of 512 job application-related phishing emails, attackers targeted engineering (64%) roles, followed by finance (12%), HR (10%), IT (10%), product (2%), and others (2%).

There was a 17.3% increase in phishing emails between September 15, 2024 and February 14, 2025 compared to the previous six months.

Most polymorphic phishing emails are sent from compromised accounts (52%), followed by phishing domains (25%), and webmail (20%).

20% of phishing emails between September 15, 2024 and February 14, 2025 relied solely on social engineering.

Between September 15, 2024 and February 14, 2025, there was a 49.9% increase in phishing emails sent from compromised accounts.

3,829 days - average domain age for phishing attacks getting through.

25.9% of phishing emails between September 15, 2024 and February 14, 2025 contained attachments.

Cybercriminals created nearly 1 million new phishing sites each month in 2024. This represents a 700% increase since 2020.

75% of phishing links are hosted on good, trusted websites.

Four of the top five hosting providers used by bad actors to host phishing attacks were based in the U.S. in 2024.

Phishing attacks hosted on subdomain providers increased by 51% in 2024, representing 24% of all phishing attacks.

Cybercriminals created nearly 1 million new phishing sites each month in 2024. This represents a 700% increase since 2020.

Nearly 51% of browser-based phishing attempts involved some form of brand impersonation in 2024.

There has been a 140% increase in browser-based phishing attacks in 2024 compared to 2023.

There is up to six days as the average window of exposure before legacy security tools begin blocking pages from zero-hour phishing attacks.