Evolving Threats Bypass Firewalls | Security Risks

by priyanka.patel tech editor

Cyberattacks Bypass Defenses: Phishing Evolves, Exploiting trusted Services

Despite advanced security measures, attackers are increasingly prosperous at slipping malicious content past firewalls and email filters, relying on refined phishing techniques and exploiting trusted platforms.

The digital threat landscape is shifting,with attackers prioritizing sophistication over brute force. A new report reveals a concerning trend: cybercriminals are improving thier tactics to create more credible threats, making them harder to detect. This isn’t about flashy, AI-generated deepfakes-it’s about a resurgence of expertly crafted, classic phishing attacks, coupled with a broadening of attack vectors beyond traditional email.

The Rise of Refined Phishing

Phishing techniques are becoming increasingly polished, featuring cleaner language, more convincing formatting, and remarkably accurate workflow mimicry. Attackers are no longer relying on obvious red flags; instead, thay’re crafting messages that seamlessly blend into everyday dialog.

This evolution extends beyond email.Phishing kits, particularly itM) kits, are now easier to deploy and pose a significant threat, even to systems protected by multi-factor authentication (MFA).

Attackers are increasingly leveraging the trust associated with established services to deliver their attacks. Abuse of Salesforce’s mailing service, for example, has tripled in just six months, rising from 0.6 percent of malicious emails in January to 1.8 percent in June 2025.

The report also reveals concerning patterns in email sender domains:

  • In Google environments, gmail.com accounted for 30 percent of malicious sender domains, nearly double the 18 percent attributed to outlook.com.
  • In Microsoft environments, gmail.com accounted for six percent of malicious sender domains, tripling the two percent seen with outlook.com.

Shifting Attack Vectors and File Types

While the methods evolve, some elements remain consistent.PDF files continue to be the most common type of malicious attachment, accounting for 23.7 percent of all attacks. They are followed by HTML (5.6 percent), SVG (5.0 percent), Word documents (4.4 percent), and EML files (1.4 percent).

Interestingly, malicious HTML attachments have decreased significantly, falling from 10 percent of attachment-based attacks in 2024 to 5.6 percent in 2025. Similarly, malicious QR codes have seen a dramatic decline, dropping from over 20 percent of threats in 2023 to less than two percent in the first half of 2025.

Regional Variations in Phishing tactics

The report also identifies regional differences in phishing strategies.Voicemail-themed phishing is significantly more prevalent in the United states, likely due to the widespread adoption of voicemail-to-email and Voice over IP (VoIP) systems. In contrast, Asia sees more lures centered around “business opportunity,” while Europe experiences a greater focus on exploiting trust in traditional financial institutions.

The Human Element Remains key

Despite the sophistication of modern cyberattacks, one analyst noted that the essential principles of security remain unchanged. “Attackers may use advanced deepfake tools, but our core psychology is the same as it was twenty thousand years ago when survival depended on noticing what felt out of place in jungles and riverbanks. When employees develop that same instinct in digital environments, they can keep themselves and those around them safe from even highly polished deepfakes because something in the interaction will be out-of-context and it will feel off.”

The full report is available on the Hoxhunt site.

Leave a Comment