Global Phishing Threat Landscape Shifts: Expanding Attacks and Evading Detection
The global phishing threat landscape has undergone significant changes in 2024, with attackers targeting high-impact business functions such as IT, HR, finance, and payroll teams with high-impact campaigns. According to the Zscaler ThreatLabz 2025 Phishing Report, the overall number of phishing attacks decreased by 20% globally, but attackers are striking deeper, not wider. This shift towards targeted attacks is driven by the use of Generative AI (GenAI) to launch sophisticated, evasive, and high-impact campaigns.
The Rise of Generative AI in Phishing Attacks
Generative AI has revolutionized the way cybercriminals launch phishing attacks. By using AI-generated content, attackers can create near-flawless lures, evade AI-based defenses, and even outsmart human defenders. The report highlights the emergence of AI-powered phishing campaigns, where attackers use AI-generated voice, video, and text to create realistic social engineering attacks.
- Attackers are using AI-generated content to create highly convincing lures, increasing the success rate of phishing attacks.
- AIs are being used to create fake websites, malware, and other phishing tools, making it increasingly difficult for defenders to detect and block attacks.
- AI-powered phishing campaigns are becoming more sophisticated, using advanced techniques such as deepfakes and voice phishing to manipulate victims.
Targeting High-Impact Departments
Attackers are increasingly targeting high-impact departments such as IT, HR, finance, and payroll teams, as they hold the keys to sensitive systems, information, and processes. These teams are often prime targets for phishing attacks, as they are responsible for managing sensitive data and making critical decisions.
Community Platforms and Phishing Growth
Phishing campaigns are increasingly abusing community-based platforms such as Facebook, Telegram, Steam, and Instagram, not only spoofing their brands but also using them to distribute malware, mask C2 communications, and carry out social engineering attacks. Tech support scams, where attackers pose as IT support teams to exploit urgency and safety concerns of victims, remain widespread.
Threat Actors Capitalizing on AI: Phishing-as-a-Service and AI Deception
Cybercriminals are using GenAI to scale attacks, generate fake websites, and craft deepfake voice, video, and text for social engineering. New scams mimic AI tools, such as resume generators and design platforms, tricking users into handing over credentials or payment data. Critical departments such as payroll, finance, and HR are prime targets, along with executives, who hold the keys to sensitive systems, information, and processes.
| Threat Actors | Phishing-as-a-Service | AI Deception |
| Attackers | Using GenAI to scale attacks and generate fake websites | Crafting deepfake voice, video, and text for social engineering |
| Phishing-as-a-Service providers | Selling AI-generated phishing campaigns to attackers | Offering AI-powered phishing tools and services |
Zscaler Can Help: Defending Against AI Threats with Zero Trust Everywhere + AI
As cybercriminals continue to use GenAI to develop new tactics and deliver more sophisticated attacks, enterprises need to strengthen their defenses against every type of compromise. The Zscaler Zero Trust Exchange protects users, applications, and data across all phases of the attack chain by minimizing the attack surface, preventing initial compromise, eliminating lateral movement, shutting down insider threats, and stopping data loss.
Research Methodology
The Zscaler ThreatLabz 2025 Phishing Report analyzed 2 billion blocked phishing transactions between January and December 2024, exploring various aspects of phishing trends and attack vectors. The report provides actionable insight into the evolving threat landscape and offers recommendations for defending against phishing attacks.
About ThreatLabz
ThreatLabz is the security research arm of Zscaler, responsible for hunting new threats and ensuring that thousands of organizations using the global Zscaler platform are always protected. ThreatLabz regularly publishes in-depth analyses of new and emerging threats on its portal, research.zscaler.com.
About Zscaler
Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.
Media Contacts
Nick Gonzalez, Sr. Manager, Media Relations, press@zscaler.com
A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/6b96dd38-9f87-4353-85b3-13a0086fc129.
news is a contributor at AntiVirusDon. We are committed to providing well-researched, accurate, and valuable content to our readers.
