KnowBe4, the cybersecurity platform, recently launched its Phishing Threat Trend Report, detailing key trends, new data, and threat intelligence insights surrounding phishing threats targeting businesses at the beginning of 2025.
Drawing on data generated by KnowBe4 Defend, this report highlights the growing threat that ransomware poses and explores how cyber criminals are using sophisticated tactics to bypass native security and secure email gateways (SEGs). It also examines how AI is being used to create polymorphic phishing campaigns, how attackers are infiltrating the hiring process to access systems and data, and the increasing success of attacks that are evading traditional protections.
Key findings from the report show:
- Between September 15, 2024 and February 14, 2025 there was a 17.3% increase in phishing emails compared to the previous six months
- 82.6% of all phishing emails analysed exhibited some use of AI
- The report observes a 22.6% increase in ransomware payloads
- The phishing hyperlink, malware, and social engineering payloads getting through traditional detection have surged, with phishing hyperlinks increasing by 36.8%, malware by 20%, and social engineering tactics by 14.2% compared to the previous six months
- There has been a 57.9% increase in attacks being sent from compromised accounts getting through traditional detection
- The top five legitimate platforms used to send phishing emails include DocuSign, Paypal, Microsoft, Google Drive, and Salesforce
- Currently the most impersonated brands include Microsoft, Docusign, Adobe, Paypal, and LinkedIn
The report shows the unprecedented scale of polymorphic phishing tactics which are now in 76.4% of all phishing campaigns, using AI-generated variations to bypass traditional security measures.
Ransomware payloads in phishing attacks have risen by 22.6% over six months, marking a 57.5% increase in three months. The research also highlights how cyber criminals are increasingly targeting the hiring process, as 64% of attacks are focused on engineering roles.
“As ever, innovation in phishing threats and defences is accelerating rapidly,” said Jack Chapman, SVP of threat intelligence at KnowBe4. “In this report, we have observed cybercriminals evolving their tactics, leveraging ransomware and polymorphic campaigns with new strategies to evade detection by both traditional and advanced technologies.
“As we move through 2025, both phishing threats and defences will continue to evolve, emphasising a holistic approach that integrates technical defences with human risk management. A strong security culture starts with detection but is reinforced by awareness, continuous education, and adaptive technology.”
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by commenting below or visiting our LinkedIn page.
