Zscaler ThreatLabz Uncovers Surge in AI-Driven Cyberattacks Targeting Critical Business Operations
Zscaler (NASDAQ: ZS) has released its 2025 Phishing Report, analyzing over 2 billion blocked phishing attempts in 2024. The report reveals a significant shift in cyber attack patterns, with global phishing declining 20% but becoming more targeted and sophisticated through AI exploitation.
Key findings show cybercriminals are now focusing on high-impact business functions, particularly IT, HR, finance, and payroll teams. While phishing decreased 32% in the U.S., emerging markets like Brazil, Hong Kong, and the Netherlands saw increased activity. The report identified 159,148,766 tech support scam hits in 2024.
Popular platforms like Telegram, Steam, and Facebook have become primary vectors for phishing attacks and malware delivery. Criminals are leveraging Generative AI to create convincing phishing lures, fake websites, and deepfake content for social engineering. New scams include impersonating AI tools and assistants to steal credentials and payment data.
Zscaler (NASDAQ: ZS) ha pubblicato il suo Rapporto sul Phishing 2025, analizzando oltre 2 miliardi di tentativi di phishing bloccati nel 2024. Il rapporto evidenzia un cambiamento significativo nei modelli di attacco informatico, con un calo globale del phishing del 20%, ma con un aumento della precisione e della sofisticazione grazie allo sfruttamento dell'IA.
I risultati chiave mostrano come i cybercriminali si stiano ora concentrando su funzioni aziendali ad alto impatto, in particolare i team IT, HR, finanza e payroll. Mentre negli Stati Uniti il phishing è diminuito del 32%, nei mercati emergenti come Brasile, Hong Kong e Paesi Bassi si è registrata un’attività in aumento. Il rapporto ha identificato 159.148.766 casi di truffe di supporto tecnico nel 2024.
Le piattaforme più diffuse come Telegram, Steam e Facebook sono diventate i principali vettori per attacchi di phishing e distribuzione di malware. I criminali sfruttano l’IA generativa per creare esche di phishing convincenti, siti web falsi e contenuti deepfake per l’ingegneria sociale. Le nuove truffe includono l’imitazione di strumenti e assistenti IA per rubare credenziali e dati di pagamento.
Zscaler (NASDAQ: ZS) ha publicado su Informe de Phishing 2025, analizando más de 2 mil millones de intentos de phishing bloqueados en 2024. El informe revela un cambio significativo en los patrones de ciberataques, con una disminución global del phishing del 20%, pero volviéndose más dirigido y sofisticado mediante la explotación de IA.
Los hallazgos clave muestran que los ciberdelincuentes ahora se enfocan en funciones empresariales de alto impacto, especialmente en los equipos de TI, RRHH, finanzas y nómina. Mientras que el phishing disminuyó un 32% en EE.UU., mercados emergentes como Brasil, Hong Kong y Países Bajos registraron un aumento de actividad. El informe identificó 159.148.766 casos de estafas de soporte técnico en 2024.
Plataformas populares como Telegram, Steam y Facebook se han convertido en los principales vectores para ataques de phishing y distribución de malware. Los criminales aprovechan la IA generativa para crear señuelos de phishing convincentes, sitios web falsos y contenido deepfake para ingeniería social. Las nuevas estafas incluyen la suplantación de herramientas y asistentes de IA para robar credenciales y datos de pago.
Zscaler (NASDAQ: ZS)는 2024년에 차단된 20억 건 이상의 피싱 시도를 분석한 2025년 피싱 보고서를 발표했습니다. 보고서는 전 세계 피싱 시도가 20% 감소했지만 AI를 활용한 공격이 더욱 정교하고 표적화되고 있음을 보여줍니다.
주요 결과에 따르면 사이버 범죄자들은 이제 IT, 인사(HR), 재무, 급여 팀 등 영향력이 큰 비즈니스 기능에 집중하고 있습니다. 미국에서는 피싱이 32% 감소했으나 브라질, 홍콩, 네덜란드와 같은 신흥 시장에서는 활동이 증가했습니다. 보고서는 2024년에 159,148,766건의 기술 지원 사기를 확인했습니다.
Telegram, Steam, Facebook과 같은 인기 플랫폼이 피싱 공격과 악성코드 유포의 주요 경로가 되었습니다. 범죄자들은 생성형 AI를 활용해 설득력 있는 피싱 미끼, 가짜 웹사이트, 딥페이크 콘텐츠를 만들어 사회공학 공격에 이용하고 있습니다. 새로운 사기 수법에는 AI 도구와 어시스턴트를 가장해 자격 증명과 결제 정보를 탈취하는 사례가 포함됩니다.
Zscaler (NASDAQ : ZS) a publié son Rapport sur le Phishing 2025, analysant plus de 2 milliards de tentatives de phishing bloquées en 2024. Le rapport révèle un changement significatif dans les modes d’attaque cybernétique, avec une baisse mondiale du phishing de 20 %, mais une montée en sophistication et en ciblage grâce à l’exploitation de l’IA.
Les principales conclusions montrent que les cybercriminels se concentrent désormais sur des fonctions métiers à fort impact, notamment les équipes IT, RH, finances et paie. Alors que le phishing a diminué de 32 % aux États-Unis, les marchés émergents comme le Brésil, Hong Kong et les Pays-Bas ont connu une hausse d’activité. Le rapport a identifié 159 148 766 cas d’arnaques au support technique en 2024.
Des plateformes populaires telles que Telegram, Steam et Facebook sont devenues les vecteurs principaux des attaques de phishing et de la diffusion de malwares. Les criminels utilisent l’IA générative pour créer des appâts de phishing convaincants, des sites web factices et des contenus deepfake pour l’ingénierie sociale. Les nouvelles arnaques incluent l’usurpation d’outils et d’assistants IA pour voler des identifiants et des données de paiement.
Zscaler (NASDAQ: ZS) hat seinen Phishing-Bericht 2025 veröffentlicht, in dem über 2 Milliarden abgewehrte Phishing-Versuche im Jahr 2024 analysiert wurden. Der Bericht zeigt eine deutliche Veränderung der Cyberangriffsmuster: Globaler Phishing nimmt um 20 % ab, wird jedoch durch die Ausnutzung von KI zielgerichteter und raffinierter.
Wesentliche Erkenntnisse zeigen, dass Cyberkriminelle sich nun auf geschäftskritische Funktionen konzentrieren, insbesondere IT-, Personal-, Finanz- und Gehaltsabrechnungsteams. Während Phishing in den USA um 32 % zurückging, stieg die Aktivität in aufstrebenden Märkten wie Brasilien, Hongkong und den Niederlanden. Der Bericht identifizierte 159.148.766 Fälle von Techniksupport-Betrug im Jahr 2024.
Beliebte Plattformen wie Telegram, Steam und Facebook sind zu Hauptvektoren für Phishing-Angriffe und Malware-Verbreitung geworden. Kriminelle nutzen generative KI, um überzeugende Phishing-Köder, gefälschte Webseiten und Deepfake-Inhalte für Social Engineering zu erstellen. Neue Betrugsmaschen umfassen die Nachahmung von KI-Tools und Assistenten, um Zugangsdaten und Zahlungsinformationen zu stehlen.
- Global phishing attempts decreased by 20% overall
- Company's cloud security platform analyzed over 2 billion blocked phishing attempts
- Rising email authentication standards improving security measures
- Cybercriminals increasingly targeting critical business operations with AI-powered attacks
- Emerging markets experiencing surge in phishing activity due to security investment lag
- New sophisticated AI-driven threats potentially bypassing traditional security measures
Zscaler’s 2025 Phishing Report reveals cybercriminals are exploiting AI to launch precise attacks, underscoring the need for Zero Trust + AI powered defenses
Key Findings:
- Global phishing is down
20% , but attackers are striking deeper, not wider—targeting IT, HR, finance, and payroll teams with high-impact campaigns. - Telegram, Steam, and Facebook are top platforms for phishing – used for both impersonation and malware delivery.
- Tech support and job scams increase with 159M+ hits in 2024, preying on users across social platforms.
SAN JOSE, Calif., April 24, 2025 (GLOBE NEWSWIRE) -- Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today published its Zscaler ThreatLabz 2025 Phishing Report, analyzing over two billion blocked phishing attempts between January and December 2024 captured by the Zscaler Zero Trust Exchange™, the world’s largest cloud security platform. The annual report exposes how cybercriminals are using Generative AI to launch surgical, targeted attacks against high-impact business functions – and why a Zero Trust + AI defense strategy is mission critical. The report uncovers a shift from high-volume email blasts to targeted, AI-fueled attacks designed to evade defenses and exploit human behavior. It also offers actionable insight to help organizations defend against this evolving threat landscape.
“The phishing game has changed. Attackers are using GenAI to create near-flawless lures and even outsmart AI-based defenses,” said Deepen Desai, CSO and Head of Security Research, Zscaler. “Cybercriminals are weaponizing AI to evade detection and manipulate victims, which means organizations must leverage equally advanced AI-powered defenses to outpace these emerging threats. Our research reinforces the importance of adopting a proactive, multi-layered approach—combining robust zero trust architecture with advanced AI-driven phishing prevention—to effectively combat the rapidly evolving threat landscape.”
Emerging markets see a surge in phishing activity
While phishing dropped overall by
Community platforms fuel phishing growth
Phishing campaigns are increasingly abusing community-based platforms like Facebook, Telegram, Steam, and Instagram – not only spoofing their brands, but using them to distribute malware, mask C2 communications, gather target intel, and carry out social engineering attacks. Meanwhile, tech support scams, where attackers pose as IT support teams to exploit urgency and safety concerns of victims, remain widespread with 159,148,766 hits in 2024.
Threat actors capitalize on AI: Phishing-as-a-Service and AI deception on the rise
Cybercriminals are using GenAI to scale attacks, generate fake websites, and craft deepfake voice, video, and text for social engineering. New scams mimic AI tools – such as resume generators and design platforms – tricking users into handing over credentials or payment data. Critical departments like payroll, finance, and HR are prime targets, along with executives – as they hold the keys to sensitive systems, information, and processes, and can more easily approve fraudulent payments.
Cybercriminals are also creating fake “AI assistant” or “AI agent” websites, falsely offering services such as resume generation, graphic design, workflow automation, and more. As AI tools become increasingly integrated into daily life, attackers are capitalizing on the ease of use and trust around AI to drive unsuspecting users to fraudulent sites.
Zscaler can help: Defending against AI threats with Zero Trust everywhere + AI
As cybercriminals continue to use GenAI to develop new tactics and deliver more sophisticated attacks, enterprises need to strengthen their defenses against every type of compromise.
The Zscaler Zero Trust Exchange protects users, applications, and data across all phases of the attack chain by:
- Minimizing the attack surface
- Preventing initial compromise
- Eliminating lateral movement
- Shutting down insider threats
- Stopping data loss
Zscaler AI-powered offerings add advanced protection by securing public AI use, shielding private AI models, and detecting AI-generated threats.
Download the Report
Get the full ThreatLabz 2025 Phishing Report to explore emerging trends and attack vectors. Learn why a Zero Trust + AI approach is critical to staying ahead of today’s phishing threats. Download today.
Research Methodology
Zscaler ThreatLabz analyzed 2 billion blocked phishing transactions between January–December 2024, exploring various aspects including the top phishing attacks, targeted countries, hosting countries for phishing content, distribution of company types based on server IP addresses, and the top referrers linked to these phishing attacks. Additionally, ThreatLabz tracked and examined notable phishing trends and use cases observed throughout 2024.
About ThreatLabz
ThreatLabz is the security research arm of Zscaler. This world-class team is responsible for hunting new threats and ensuring that the thousands of organizations using the global Zscaler platform are always protected. In addition to malware research and behavioral analysis, team members are involved in the research and development of new prototype modules for advanced threat protection on the Zscaler platform, and regularly conduct internal security audits to ensure that Zscaler products and infrastructure meet security compliance standards. ThreatLabz regularly publishes in-depth analyses of new and emerging threats on its portal, research.zscaler.com.
About Zscaler
Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange™ platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SASE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.
Media Contacts
Nick Gonzalez
Sr. Manager, Media Relations
press@zscaler.com
A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/6b96dd38-9f87-4353-85b3-13a0086fc129
FAQ
What are the key findings from Zscaler's 2025 Phishing Report?
How are cybercriminals using AI in phishing attacks according to ZS?
Which platforms are most targeted for phishing attacks in 2024?
How has the geographic distribution of phishing attacks changed?
