Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Your Microsoft 365 and Google Workspace security dashboards show green across all metrics. You've implemented data loss prevention policies, enabled advanced threat protection, and your team regularly audits security logs. Yet sensitive data continues to leave your organization through email channels. Why? Because attackers and even non-malicious insiders aren't using the obvious exfiltration techniques your tools were built to detect.

Today, the average phishing email that lands in your CEO's inbox is flawless. It uses perfect grammar, contains an intimate understanding of your organization’s current business landscape, and ends with an urgent, contextually relevant request. This isn't the work of a typical cybercriminal; it's the hallmark of generative AI being weaponized, transforming social engineering from a numbers game into a targeted strike.

Cybersecurity professionals face an increasingly aggressive phishing threat landscape, and the 2025 KnowBe4 Phishing By Industry Benchmarking Report makes one thing crystal clear: transforming your largest attack surface - your workforce - into your biggest security asset is critical. 49 Seconds to Disaster According to the Verizon Data Breach Investigations Report (DBIR), the median time it takes someone to click a malicious link is a staggering 21 seconds.

Year after year, we continue to see increases in phishing and business email compromises (BEC), and the costs associated with these incidents are growing, too. The LevelBlue Security Operations Center (SOC) found that BEC attacks made up 70% of the total incidents investigated during the second half of 2024. Of these incidents, 96% of them involved one or more phished users.

APWG's Q4 2024 Phishing Activity Trends Report, published March 19th, revealed that more than eight in ten Business Email Compromise (BEC) attacks last quarter were sent by attackers favoring Google's free webmail service. By comparison, only 10% used Microsoft's free email web app, Outlook.com.

KnowBe4 ThreatLabs has identified and analyzed a sophisticated cross-platform phishing campaign that utilizes Telegram as its primary exfiltration channel. The campaign uses a combination of security-themed phishing emails, branded phishing websites to harvest credentials, and Telegram bots to exfiltrate data.

Email Threats Continue to Hit Businesses Where It Hurts Most The cyber threat landscape in 2024 saw a continued rise in email-based attacks, with businesses facing increasingly sophisticated forms of business email compromise (BEC) and fund transfer fraud (FTF). These threats aren’t just technical — they hit organizations financially, emotionally, and operationally.

Researchers at Cisco Talos warn that major phishing kits continue to incorporate features that allow them to bypass multi-factor authentication (MFA). Commodity phishing kits like Tycoon 2FA and Evilproxy achieve this by using reverse proxies to intercept traffic from the authentication process during a phishing attack.