Fortra’s 2025 Email Threat Report Predicts Standard Security Measures Fall Short in the Wake of AI
99% of unblocked email threats were social engineering attacks or contained phishing links
MINNEAPOLIS — March 27, 2025 — Fortra, a global cybersecurity software and services provider, today published the 2025 Email Threat Intelligence Report. Fortra analysts and researchers evaluated over one million unblocked email threats from 2024 to understand how threat actors are bypassing common email security measures to target unsuspecting employees. The report’s predictions and actionable insights give organizations the data necessary to identify and defend against email-based attacks.
Among the findings, response-based social engineering tactics and links to phishing sites comprised 99% of the email threats analyzed. Only 1% of malicious emails that reached user inboxes delivered malware. This shows that while common pre-delivery email defenses are effective at stopping malware, they are far less capable of blocking high risk threats like business email compromise and credential phishing.
Likewise, the report shows adversaries are using simple emails that contain phone numbers and QR codes to lure victims into less secure environments where they can be more easily exploited. These multichannel attacks are difficult to detect because emails themselves are very basic and lack content that is typically flagged by filters. Fortra experts predict adversaries will refine these efforts going forward with generative AI capable of impersonating known individuals and their speech patterns.
The report also shows a 200% increase in misuse of developer tools as well as abuse of legitimate services such as eSignature platforms. Cybercriminals abuse these tools to easily launch phishing attacks and other threats using publicly accessible, trusted infrastructure. Absent more proactive anti-abuse measures by legitimate service providers, this abuse is expected to grow.
“The incorporation of AI and trusted tools, paired with an unimaginable amount of stolen personal data, means today’s phishing campaigns are more likely than ever to compromise users,” said Matt Reck, CEO of Fortra. “Cybercriminals are clever, have financial backing, and will try anything to access valuable systems and data. We all need to know how to keep our guards up, and the findings in this report are a powerful guide.”
About Fortra
Fortra provides advanced offensive and defensive security solutions that deliver comprehensive protection across the cyber kill chain. With complete visibility across the attack chain, access to threat intelligence spanning the globe, and flexible solution delivery, Fortra customers can anticipate criminal behavior and strengthen their defenses in real time. Break the attack chain at fortra.com.
Copyright © Fortra, LLC and its group of companies. Fortra™, the Fortra™ logos, and other identified marks are proprietary trademarks of Fortra, LLC.
