A new report from the VIPRE Security Group finds that cybercriminals are using trust and urgency to continue to ensnare victims in fraud schemes.
The report, Q4 2025 Email Threat Trends Report, looked at 1.5 billion emails and 500,000 spam messages to identify the trends in security threats for Q4 2025. The report’s findings show that cybercriminals use “trust” against victims, mimicking companies that have trustworthy reputations and using images that look like security protocols to grab user IDs and passwords.
“The Q4 2025 data reveals a troubling evolution in the strategy being adopted by cybercriminals – the systematic weaponization of trust,” Usman Choudhary, General Manager, VIPRE Security Group, said. “Criminals are undoubtedly exploiting technical vulnerabilities, but they are also exploiting human confidence in the familiar – be that impersonating a trusted supervisor or executive, mimicking reputable companies and household brands, or hiding behind enterprise security protocols. They are targeting ‘trust’. Their approach demands that we rethink how we identify and authenticate interactions and security strategies across every communication and business channel.”
The report said callback phishing scams had risen to 18 percent of all phishing incidents, and 500 percent spike in phishing incidents. That trends seems to indicate a resurgence in using human interaction to engage victims.
Additionally, Business Email Compromise remains a phishing threat used by cybercriminals. BEC accounts for 51 percent of all email fraud cases, an indication that corporate environments often lack robust protection.
Cyber attackers are also weaponizing security features designed to protect organizations, VIPRE said Q4 2025 saw an uptick in the use of tools like CAPTCHAs and “I am not a robot” check to block automated security scanners. Those tactics are often paired with sophisticated fake login screens to steal credentials, evade detection and trick users into believing they are interacting with secure, legitimate sites.
In the coming year, IT professionals should expect more personalized and AI-drive BEC attacks, with finance and HR as top targets. Additionally, threat actors will use social engineering based on recent transactions, HR communications and payroll updates.
The group said PDF and Microsoft Office files will continue to dominate in the attachment-based phishing attacks, which will evolve through cloud-based and hybrid delivery of attachments. IT professionals should also be prepared for link-based phishing attacks that will send victims to short-lived or AI-generated landing pages, as well as deepfake and AI-assisted threats to increase the realism of phishing campaigns.