惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

博客园_首页
阮一峰的网络日志
阮一峰的网络日志
S
Secure Thoughts
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
C
Cyber Attacks, Cyber Crime and Cyber Security
T
Threat Research - Cisco Blogs
P
Privacy & Cybersecurity Law Blog
The Hacker News
The Hacker News
H
Heimdal Security Blog
W
WeLiveSecurity
L
LINUX DO - 热门话题
Hacker News: Ask HN
Hacker News: Ask HN
WordPress大学
WordPress大学
The Last Watchdog
The Last Watchdog
Hugging Face - Blog
Hugging Face - Blog
博客园 - 【当耐特】
D
DataBreaches.Net
I
Intezer
Webroot Blog
Webroot Blog
C
Cisco Blogs
AWS News Blog
AWS News Blog
博客园 - 聂微东
T
The Blog of Author Tim Ferriss
V
Vulnerabilities – Threatpost
罗磊的独立博客
Google DeepMind News
Google DeepMind News
N
Netflix TechBlog - Medium
Schneier on Security
Schneier on Security
宝玉的分享
宝玉的分享
博客园 - 叶小钗
PCI Perspectives
PCI Perspectives
D
Docker
Scott Helme
Scott Helme
NISL@THU
NISL@THU
J
Java Code Geeks
B
Blog RSS Feed
Google Online Security Blog
Google Online Security Blog
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
T
The Exploit Database - CXSecurity.com
AI
AI
美团技术团队
Cloudbric
Cloudbric
月光博客
月光博客
P
Proofpoint News Feed
T
Tailwind CSS Blog
Google DeepMind News
Google DeepMind News
小众软件
小众软件
www.infosecurity-magazine.com
www.infosecurity-magazine.com
The Cloudflare Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org

Press Releases

Aston Martin F1 & Zscaler: Speed Meets Security Zscaler Debuts ZAgent and Extends SASE Protection Zscaler report: AI brings lethal precision to cybercrime Zscaler Unites with Tech Leaders to Secure Enterprise AI Zscaler Unveils New Product Innovations to Secure Agentic AI Zscaler Announces Intent to Acquire Symmetry Systems, Inc. Zscaler Partners with GSIs to Launch Project AI-Guardian Zscaler and Alstom mark a decade of Zero Trust transformation to secure a cloud-first, mobile workforce and modernize operations | Zscaler Zscaler Recognized as Google Cloud Partner of the Year - Security Zscaler ZIA Achieves DoW Impact Level 5 Authorization Zscaler Expands Global Sovereignty on Zero Trust Exchange Zscaler & Singtel Singapore Bring Zero Trust Security SEA Zscaler, Together With Bharti Airtel, Announce Launch of AI & Cyber Threat Research Center to Advance Cyber Resilience and Trusted AI Adoption | Zscaler Zscaler Acquires SquareX to Advance Zero Trust Browser Security for the AI Era | Zscaler Zscaler Unveils New Innovations to Secure Enterprise AI Adoption Zscaler 2026 AI Security Report: Trends and Security Issues Zscaler Expands in Malaysia With New Data Center in Kuala Lumpur Dr. Swamy Kocherlakota to Lead Agentic AI Security Engineering Zscaler Appoints Sunil Frida as Chief Marketing Officer Zscaler recognized as AWS Marketplace Partner of the Year Zscaler and Microsoft Partner in Entra Agent ID Partner Ecosystem Zscaler Reveals 67% Jump in Android Malware & 40% of IoT Attacks Zscaler Acquires Innovative AI Security Pioneer SPLX Zscaler Announces New Innovations for Improved Digital Experience Zscaler announces advancements for U.S. Federal Civilian and DoD Zscaler Completes 2024 IRAP Assessment Zscaler and CrowdStrike Expand Partnership for Better AI Security Zscaler Completes Acquisition of Red Canary Ransomware Surges as Attempts Spike 146% IT Resilience Undermined by Lack of Support for Team Wellbeing Zscaler Extends Zero Trust to Cellular Communications for IoT/OT Zero Trust Security Reduces Cyber Insurance Claims Zscaler Achieves ISV Competencies In Three Categories Zscaler Unveils Latest AI Innovations on stage at Zenith Live Zscaler Launches New Solutions at Zenith Live Las Vegas Kevin Rubin Joins Zscaler as Chief Financial Officer Zscaler signed a definitive agreement to acquire Red Canary Zscaler, A Leader Once Again In The 2025 Gartner MQ for SSE Zscaler Leads by Example and Achieves DoD’s CMMC Level 2 Certific Raj Judge to Join Zscaler and Board of Directors Zscaler Leads by Example and Achieves DoW’s CMMC Level 2 Certific Zscaler Listed in AWS “ICMP” for the US Federal Government ThreatLabz Announces Findings From Its 2025 VPN Risk Report Zscaler Deployed Across T-Mobile Operations Report Finds an Over 3,000% Surge in Enterprise Use of AI/ML Tool Zscaler Introduces Zscaler Asset Exposure Management Survey Reveals Urgent Need to Prioritize Zero Trust Adoption Zscaler Offers Integrated Zero Trust Solution for RISE with SAP Nokia Turns to Zscaler to Modernize Security Architecture Zscaler Finds Over 87% of Cyberthreats Hide in Encrypted Traffic Zscaler Extend Zero Trust to Branches, Factories and Clouds Zscaler Expands Business Continuity Solution for Cloud & Endpoint Zscaler and Okta announced four new cybersecurity integrations Zscaler Identifies Malicious Apps with Over 8M Installs Zscaler Surpasses Half a Trillion Daily Transactions TOYOTA GAZOO Selects Zscaler to Protect Users Globally Zscaler Appoints Security Industry Veteran Adam Geller as CPO Zscaler and CrowdStrike announce new cyber security integrations Zscaler Opens New Point-of-Presence in Western Australia
Zscaler ThreatLabz Uncovers Surge in AI-Driven Cyberattacks
2025-04-24 · via Press Releases

Key Findings:

  • Global phishing is down 20%, but attackers are striking deeper, not wider—targeting IT, HR, finance, and payroll teams with high-impact campaigns.
  • Telegram, Steam, and Facebook are top platforms for phishing – used for both impersonation and malware delivery.
  • Tech support and job scams increase with 159M+ hits in 2024, preying on users across social platforms.

Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today published its Zscaler ThreatLabz 2025 Phishing Report, analyzing over two billion blocked phishing attempts between January and December 2024 captured by the Zscaler Zero Trust Exchange™, the world’s largest cloud security platform. The annual report exposes how cybercriminals are using Generative AI to launch surgical, targeted attacks against high-impact business functions – and why a Zero Trust + AI defense strategy is mission critical. The report uncovers a shift from high-volume email blasts to targeted, AI-fueled attacks designed to evade defenses and exploit human behavior. It also offers actionable insight to help organizations defend against this evolving threat landscape.

“The phishing game has changed. Attackers are using GenAI to create near-flawless lures and even outsmart AI-based defenses,” said Deepen Desai, CSO and Head of Security Research, Zscaler. “Cybercriminals are weaponizing AI to evade detection and manipulate victims, which means organizations must leverage equally advanced AI-powered defenses to outpace these emerging threats. Our research reinforces the importance of adopting a proactive, multi-layered approach—combining robust zero trust architecture with advanced AI-driven phishing prevention—to effectively combat the rapidly evolving threat landscape.”

Emerging markets see a surge in phishing activity
While phishing dropped overall by 20% globally and by nearly 32% in the U.S., due in part to rising email authentication standards, attackers transitioned just as fast, launching more attacks on emerging markets like Brazil, Hong Kong, and the Netherlands, often where digital adoption outpaces security investment.  Established targets like India, Germany, and the UK remain under sustained pressure, as threat actors adapt to local patterns and seasonal trends.

Community platforms fuel phishing growth
Phishing campaigns are increasingly abusing community-based platforms like Facebook, Telegram, Steam, and Instagram – not only spoofing their brands, but using them to distribute malware, mask C2 communications, gather target intel, and carry out social engineering attacks. Meanwhile, tech support scams, where attackers pose as IT support teams to exploit urgency and safety concerns of victims, remain widespread with 159,148,766 hits in 2024.

Threat actors capitalize on AI: Phishing-as-a-Service and AI deception on the rise
Cybercriminals are using GenAI to scale attacks, generate fake websites, and craft deepfake voice, video, and text for social engineering. New scams mimic AI tools – such as resume generators and design platforms – tricking users into handing over credentials or payment data. Critical departments like payroll, finance, and HR are prime targets, along with executives – as they hold the keys to sensitive systems, information, and processes, and can more easily approve fraudulent payments.

Cybercriminals are also creating fake “AI assistant” or “AI agent” websites, falsely offering services such as resume generation, graphic design, workflow automation, and more. As AI tools become increasingly integrated into daily life, attackers are capitalizing on the ease of use and trust around AI to drive unsuspecting users to fraudulent sites.

Zscaler can help: Defending against AI threats with Zero Trust everywhere + AI
As cybercriminals continue to use GenAI to develop new tactics and deliver more sophisticated attacks, enterprises need to strengthen their defenses against every type of compromise.

The Zscaler Zero Trust Exchange protects users, applications, and data across all phases of the attack chain by:

  • Minimizing the attack surface
  • Preventing initial compromise
  • Eliminating lateral movement
  • Shutting down insider threats 
  • Stopping data loss

Zscaler AI-powered offerings add advanced protection by securing public AI use, shielding private AI models, and detecting AI-generated threats.

Download the Report
Get the full ThreatLabz 2025 Phishing Report to explore emerging trends and attack vectors. Learn why a Zero Trust + AI approach is critical to staying ahead of today’s phishing threats. Download today.

Research Methodology
Zscaler ThreatLabz analyzed 2 billion blocked phishing transactions between January–December 2024, exploring various aspects including the top phishing attacks, targeted countries, hosting countries for phishing content, distribution of company types based on server IP addresses, and the top referrers linked to these phishing attacks. Additionally, ThreatLabz tracked and examined notable phishing trends and use cases observed throughout 2024.

About ThreatLabz
ThreatLabz is the security research arm of Zscaler. This world-class team is responsible for hunting new threats and ensuring that the thousands of organizations using the global Zscaler platform are always protected. In addition to malware research and behavioral analysis, team 
members are involved in the research and development of new prototype modules for advanced threat protection on the Zscaler platform, and regularly conduct internal security audits to ensure that Zscaler products and infrastructure meet security compliance standards. ThreatLabz regularly publishes in-depth analyses of new and emerging threats on its portal, research.zscaler.com.