2025 Email Threats Report: AI's Impact on Security Measures

Key Findings from the 2025 Email Threats Report

The 2025 Email Threats Report by Barracuda Networks highlights the evolution of email-based threats, focusing on advanced tactics employed by cybercriminals.

83% of malicious Microsoft 365 documents contain QR codes that lead to phishing websites.

1 in every 4 HTML attachments are malicious.

20% of companies experience at least one account takeover (ATO) incident each month.

12% of malicious PDF attachments are Bitcoin sextortion scams.

Email Threat Landscape Overview

Barracuda's analysis of 670 million emails in February 2025 reveals that email continues to be the most common attack vector, with a staggering 24% of messages classified as either malicious or unwanted spam. The report underlines the need for organizations to adopt stringent security measures to combat these threats, particularly given the high prevalence of malicious attachments and links.

87% of binaries detected were malicious, emphasizing the critical need for policies against executable files sent via email. HTML files, while less common, showed a notable malicious rate of 23%, often utilized for phishing and credential theft.

Insights from Fortra's 2025 Email Threat Intelligence Report

According to Fortra's 2025 Email Threat Intelligence Report, which analyzed over one million unblocked email threats from 2024, response-based social engineering tactics and links to phishing sites constituted 99% of the examined threats. Only 1% of malicious emails delivered malware, indicating that pre-delivery email defenses are more effective against malware than against sophisticated phishing attacks.

The report highlights the increasing sophistication of adversaries, utilizing simple emails with phone numbers and QR codes to lure victims into insecure environments, making detection challenging. As cybercriminals adopt generative AI to refine their tactics, the need for robust security practices becomes even more paramount.

“The incorporation of AI and trusted tools, paired with an unimaginable amount of stolen personal data, means today’s phishing campaigns are more likely than ever to compromise users,” stated Matt Reck, CEO of Fortra.

Specific Threats Highlighted

The report emphasizes several alarming trends:

• Phishing and Account Takeovers: Approximately 20% of organizations face at least one ATO incident monthly. Attackers exploit weak passwords and phishing schemes to gain access.
• Malicious QR Codes: A significant percentage of malicious attachments, including 68% of PDFs and 83% of Microsoft documents, contain QR codes directing users to phishing sites.
• Bitcoin Sextortion Scams: These scams account for 12% of malicious PDF attachments, highlighting the need for vigilance against fear-based tactics.

Advanced Threat Detection and Recommendations

Olesia Klevchuk, Barracuda’s product marketing director for Email Protection, remarked, “Email remains the most common attack vector for cyberthreats because it provides an easy entry point into corporate networks.” A multi-layered approach to email security is crucial, incorporating AI-driven threat detection and best practices, such as implementing DMARC to thwart impersonation attacks.

As organizations navigate the evolving threat landscape, staying informed about the latest risks and adopting comprehensive security measures are essential for safeguarding against email-based attacks.

Explore how Gopher Security can help enhance your email security strategy and protect your organization against these emerging threats.