The Good Tech Companies - SpyCloud Data Shows Corporate Users 3x More Likely to Be Targeted by Phishing Than By Malware
Episode Date: December 4, 2025This story was originally published on HackerNoon at: https://hackernoon.com/spycloud-data-shows-corporate-users-3x-more-likely-to-be-targeted-by-phishing-than-by-malware. ... Nearly 40% of the 28+ million recaptured phished records containing a business email address – compared to just 11.5% in recaptured malware data. SpyCloud is th Check more stories related to cybersecurity at: https://hackernoon.com/c/cybersecurity. You can also check exclusive content about #cybersecurity, #spycloud, #cybernewswire, #press-release, #cyber-security-awareness, #cybersecurity-tips, #cybercrime, #good-company, and more. This story was written by: @cybernewswire. Learn more about this writer by checking @cybernewswire's about page, and for more stories, please visit hackernoon.com. SpyCloud releases new data showing a sharp rise in phishing attacks that disproportionately target corporate users. Nearly 40% of the 28+ million recaptured phished records containing a business email address – compared to just 11.5% in recaptured malware data. SpyCloud is the only provider recapturing and automatically remediating successfully phished identity data and targeting lists at scale.
Transcript
Discussion (0)
This audio is presented by Hacker Noon, where anyone can learn anything about any technology.
SpyCloud data shows corporate users 3X more likely to be targeted by phishing than by malware,
by Cyber Newswire.
Austin, Texas, USA, December 4, 2025, Cyber NewsWire, Fishing has surged 400% year-over-year,
highlighting need for real-time visibility into identity exposures.
SpyCloud, the leader in identity threat protection, today released new data showing
a sharp rise in fishing attacks that disproportionately target corporate users.
The company tracked a 400% year-over-year increase in successfully fished identities,
with nearly 40% of the 28-plus million recaptured fished records containing a business email
address, compared to just 11.5% in recaptured malware data.
The result is a warning to enterprises that their workforce is three times more likely
to be targeted with fishing attacks than info-stealer malware.
The findings reinforce a growing shift.
in cyber criminals strategy. Fishing is now the preferred gateway into enterprise environments,
and SpyCloud sees this trend continuing in 2026. Threat actors are using this access as a
launchpad for follow-on attacks, with Spy Cloud reporting in its 2025 identity threat report
that Fishing is now the leading entry point for ransomware, accounting for 35% of all ransomware
infections. Greater than, Fishing is now one of the most scalable tool cybercriminals used to breach
greater than enterprise environments, said Trevor Hillegos, Spike Cloud's head of security, research.
Greater than Cybercrime enablement services, like Fishing as a service kits that automate
greater than convincing lures and adversary in the middle tactics that capture MFA tokens greater
than incession cookies, put advanced tactics into the hands of low-skilled greater than actors,
making it easier than ever to compromise users at scale.
Spike Cloud's greater than visibility into these campaigns gives organizations a critical edge,
helping greater than them detect who's been targeted and what data has been exposed and remediate greater
than those credentials before they can be weaponized. SpyCloud is the only provider recapturing
and automatically remediating success fully fished identity data and targeting lists at scale
before follow-on attacks like ransomware, fraud, and account takeover can occur.
Greater than many organizations rely on traditional defenses like email filtering, greater than endpoint
protection and employee education to stop fishing in malware greater than attempts, but those tools
only go so far, said Damon Flurry, Spike Cloud's chief product officer. Greater than, attackers are
still getting through, and when they do, it's the exposed greater than identity data that enables
further harm. Security teams need to be vigilant greater than about what's already been compromised
and circulating in the criminal greater than underground. Prevention is important, but without
real-time visibility and greater than post-compromise remediation, it's not enough. While fishing has
become a dominant entry point, malware remains a critical threat vector. In the age of remote work and
bring your own device policies, personal exposures are increasingly used to compromise enterprise
enterprise environments. A recent example is the 2025 NICA breach, where malware on a personal device
led to the compromise of sensitive corporate data. Despite only 11, 5% of recaptured malware infection
exfiltrating business email addresses directly, SpyCloud data shows that nearly one in two corporate
users have been the victim of an infestiler malware infection in their digital history,
whether that be on a managed or unmanaged device. A strong indicator that threat actors are moving
laterally from personal to corporate accounts. Greater than, protecting the enterprise means
looking beyond corporate accounts, flurry greater than added. Greater than, due to the continuous
reuse of passwords and shared identity data across work greater than in personal
accounts like mobile numbers, the line between a user's personal greater than digital history
and their professional access effectively no longer exists. Greater than that's why it's
essential to monitor and remediate exposures across the full greater than spectrum of an
individual's digital identity, personal and professional. SpyCloud is the leader in holistic identity
protection, detecting and protecting organizations from the phishing, malware, and breach
exposures of employees, contractors, and vendors across personal and professional identities.
Users can click here to learn more about SPY-C-L-O-U-D.
SpyCloud transforms recaptured darknet data to disrupt cybercrime.
Its automated identity threat protection solutions leverage advanced analytics and AI to
proactively prevent ransomware and account takeover, detect insider threats, safeguard employee
and consumer identities, and accelerate cybercrime investigations.
SpyCloud's data from breaches, malware-infected devices, and successful fishis also powers many
popular dark web monitoring and identity theft protection offerings. Customers include seven of the
Fortune 10, along with hundreds of global enterprises, mid-sized companies, and government agencies
worldwide. Headquartered in Austin, Texas, SpyCloud is home to more than 200 cybersecurity experts
whose mission is to protect businesses and consumers from the stolen identity data criminals
are using to target them now. To learn more and see insights on their company's exposed data,
users can visit SpyCloud.com contact senior account director Emily Brown
REQ on behalf of SpyCloud SpyCloud at Rec.
CO This Story was published as a press release by Chainwire under Hackernoon Business
Blogging Program. Do your own research before making any financial decision.
Thank you for listening to this Hackernoon story, read by artificial intelligence.
Visit hackernoon.com to read, write, learn and publish.