11,324 phishing domains used the .com top-level domain, making it the most common among attackers.

72% of phishing domains in the dataset utilized obfuscation via legitimate services.

Meta was mentioned 10,267 times, accounting for 42% of all brand impersonation tracked.

80% of phishing attempts analyzed by Darktrace in 2024 impersonated Amazon.

Phishing scams increased by 118% during Thanksgiving.

There is a 14% increase in phishing scams around Christmas.

Phishing activity overall increased by 128% during the 2025 holiday period compared to the 2024 holiday period.

27% of people are targeted by scam text messages daily.

Phishing attacks rose by 21% in 2025

55% of people receive scam text messages weekly.

There was a 229% spike in phishing scams on Black Friday.

77% of Chief Information Security Officers identified AI-generated phishing as a serious and emerging threat in 2025

71% of Japanese respondents identified phishing as the top threat facing their organization, significantly higher than the global average.

66% of simulated phishing emails utilized domain spoofing techniques.

In 2025, cybercriminals increased their abuse of legitimate platforms like QuickBooks, Zoom, SharePoint, and PayPal by 67% year-to-date.

In 2025, 77% of callback numbers used AI-generated voices, while 69% of vishing attacks were financially motivated, requesting bank detail changes, fraudulent refunds, or transfers.

Phone-based vishing attacks increased by 449% in 2025 compared to 2024, with phone numbers appearing as the sole payload in 5.5% of phishing emails.

PDFs comprised 56% of the top 20 attachments opened in simulated phishing emails.

90% of the most-clicked subject lines in simulated phishing emails reference internal topics.

45% of the top 10 most-clicked simulated phishing emails referenced HR between July 1, 2025, and September 30, 2025.