Darktrace detected more than 32 million high-confidence phishing emails in 2025, revealing a sharp surge in automated, identity-driven attacks that increasingly bypass traditional defenses. Identity compromise—particularly Microsoft 365 and SaaS account takeovers—has overtaken vulnerability exploitation as the primary entry vector, highlighting the need for real-time identity-centric security.
Key points
- Darktrace detected over 32 million high-confidence phishing emails in 2025, driven by automation and accelerating attacker speed.
- More than 8.2 million phishing emails targeted VIPs, 70% passed DMARC, 41% were spear-phishing, and 38% used novel social engineering.
- Attack vectors included 1.6 million emails from newly created domains and 1.2 million containing malicious QR codes.
- Identity compromise has eclipsed vulnerability exploitation as the dominant entry vector, with credential theft, hijacked tokens, and abused permissions enabling stealthy lateral movement.
- Regional trends show SaaS and Microsoft 365 account takeovers dominating incidents in the Americas, rising ransomware in Africa, and widespread AI-driven threats in APJ amid limited AI governance.
Read More: https://www.infosecurity-magazine.com/news/32m-phishing-emails-detected-2025/