Talos Report: Phishing Attacks Surged in Q1 2025



Phishing was the initial access vector in 50% of attacks during the first quarter of 2025, according to a new report from Cisco Talos.

“Threat actors used phishing to achieve initial access in 50 percent of engagements, a notable increase from less than 10 percent last quarter,” Talos writes.

“Vishing was the most common type of phishing attack seen, accounting for over 60 percent of all phishing engagements, though we also observed malicious attachments, malicious links, and business email compromise (BEC) attacks.

Adversaries predominately leveraged phishing to gain access to a valid account, pivot deeper into the targeted network, and expand their foothold, contrasting other phishing objectives we have seen in the past such as eliciting sensitive information or monetary transfers.”

Additionally, ransomware surged by 20%, accounting for half of Talos’s engagements in Q1 2025. A single campaign using the BlackBasta and Cactus ransomware made up 60% of these ransomware incidents, targeting manufacturing and construction organizations. These attacks began with voice phishing (vishing) attempts that tricked employees into granting access.

“The attack chain we observed begins with the threat actors flooding users’ mailboxes at targeted organizations with a large volume of benign spam emails,” Talos explains. “After a few days, the actors call the victim, usually via Microsoft Teams, and direct them to initiate a Microsoft Quick Assist remote access session, helping them with the installation of the program if not already present on the user’s system.”

Once the attacker gains access, they establish persistence, escalate privileges, and move laterally before deploying the ransomware.
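The chain Talos describes (a mailbox flood, then a Quick Assist session days later) can be hunted by correlating the two signals per user. The sketch below is an added example, not code from Talos or from this post; the event schema, the hourly threshold, the seven-day lookback, and the sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

FLOOD_THRESHOLD = 200          # inbound mails per user per hour (assumed; tune to baseline)
LOOKBACK = timedelta(days=7)   # assumed window for "after a few days"

def find_flood_then_quick_assist(events, threshold=FLOOD_THRESHOLD, lookback=LOOKBACK):
    """events: iterable of (timestamp, user, kind, detail) in a hypothetical schema.
    Returns one alert per Quick Assist launch preceded by a mailbox flood."""
    hourly = defaultdict(int)              # (user, hour bucket) -> inbound mail count
    launches = []
    for ts, user, kind, detail in events:
        if kind == "mail_in":
            hourly[(user, ts.replace(minute=0, second=0, microsecond=0))] += 1
        elif kind == "proc_start" and detail.lower().endswith("quickassist.exe"):
            launches.append((ts, user))
    floods = defaultdict(list)             # user -> hour buckets over threshold
    for (user, hour), count in hourly.items():
        if count >= threshold:
            floods[user].append(hour)
    alerts = []
    for ts, user in sorted(launches):
        prior = [h for h in floods[user] if timedelta(0) <= ts - h <= lookback]
        if prior:
            alerts.append({"user": user, "flood_start": min(prior), "quick_assist": ts})
    return alerts

def sample_events():
    """Constructed events: alice is flooded then launches Quick Assist two days later;
    bob launches it with no flood; carol is flooded but never launches it."""
    qa = r"C:\Windows\System32\QuickAssist.exe"   # constructed path for the sample
    events = []
    for i in range(300):
        events.append((datetime(2025, 3, 3, 9) + timedelta(seconds=10 * i), "alice", "mail_in", ""))
    for i in range(250):
        events.append((datetime(2025, 3, 3, 10) + timedelta(seconds=10 * i), "carol", "mail_in", ""))
    for i in range(5):
        events.append((datetime(2025, 3, 4, 8, i), "bob", "mail_in", ""))
    events.append((datetime(2025, 3, 4, 11, 0), "bob", "proc_start", qa))
    events.append((datetime(2025, 3, 5, 14, 10), "alice", "proc_start", qa))
    return events

if __name__ == "__main__":
    for alert in find_flood_then_quick_assist(sample_events()):
        print(alert)
```

Fixed hourly buckets can miss a flood that straddles two hours, so a production rule would use a sliding window and a per-user baseline rather than a static threshold.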

Talos recommends user awareness training as a layer of defense against these types of social engineering attacks.

“Half of the engagements this quarter involved social engineering, potentially highlighting insufficient user education,” the researchers write. “This security weakness corresponds with the surge in phishing attacks, as users were manipulated to grant attackers access to their environments, with vishing proving to be particularly effective.

Talos IR recommends raising awareness of phishing and social engineering techniques, as user education is a key part of spotting phishing attempts, countering MFA bypass techniques, and knowing where to report suspicious activity.”


Cisco Talos has the story.

