2024 phishing trends tell us what to expect in 2025 - Help Net Security

Phishing remains the most common method for cybercriminals to gain initial access to targeted organizations, a trend expected to continue in 2025. Threat actors are increasingly using valid accounts and social engineering tactics, such as CEO-spoofing and targeting help-desk personnel, to compromise systems. To defend against these attacks, organizations should educate employees, implement phishing-resistant authentication, and update IT help-desk policies.