SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
India
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Malware
#
Data Protection
#
Hyperscale

Low-tech phishing scams on the rise as criminals shift tactics

Yesterday
Author image
By Shannon Williams, Journalist

VIPRE Security Group has published its Q1 2025 Email Threat Landscape Report, revealing an increase in successful low-tech, human-focused cyberattacks.

The report is based on the analysis of 1.45 billion emails processed globally during the first quarter of 2025. Of these emails, 92 percent were identified as spam, with the majority containing threats aimed at compromising users and organisations.

One of the key findings is the significant rise of callback phishing scams. These attacks, which involve emails or texts urging victims to call a seemingly legitimate phone number, now account for 16 percent of phishing attempts. Callback phishing was not a notable threat in previous years. Its emergence correlates with a 42 percent decrease in link-based phishing methods compared to the same period last year, when links made up 75 percent of phishing attempts. VIPRE attributes this shift to security tools improving at flagging suspicious links, prompting cybercriminals to adopt less detectable methods like callbacks.

Callback phishing is described in the report as a form of social engineering in which individuals are convinced to disclose sensitive information or download malware over the phone. These attacks leave no traces typical of phishing emails with malicious links, making them more difficult for standard scanning technology to detect.

The report also notes a change in the types of files cybercriminals are attaching to malicious emails. SVG (Scalable Vector Graphics) files now make up 34 percent of phishing attachments, coming in just behind PDF files at 36 percent. By embedding JavaScript in an SVG file with a <script> tag, attackers can redirect users to harmful websites when the file is opened in a web browser, thereby bypassing many anti-phishing filters. The US is reported as the primary target for such SVG-based attacks, followed by Europe.

Malware trends have also shifted, with the report highlighting XRed as the most frequently detected malware family in Q1 2025. XRed, described as a backdoor-type malware, was responsible for three times more attacks than the next most prevalent malware, Lumma. Other notable malware families identified include StealC, AgentTesla, and Redline.

VIPRE's data shows that the US dominates as both a source and target for spam and malicious emails. According to the report, 57 percent of all spam messages originated from the US, and 75 percent of malicious emails were received there. The UK and Ireland each accounted for 8 percent of sending and receiving harmful emails during this period.

The variety of file types used to spread malicious software via spam email also appears to be shifting. HTML attachments, once a popular vector for such attacks, made up only 12 percent of malspam strategies. Attackers are increasingly favouring PDF and SVG files due to increased awareness and defences against HTML-based threats.

The manufacturing sector continues to be the most frequently targeted industry for email-based cyberattacks, attracting 36 percent of attacks according to the report. Retail and financial services sectors shared second place, with each drawing 15 percent of the attacks observed during Q1.

Commenting on the findings, Usman Choudhary, Chief Product and Technology Officer at VIPRE Security Group, said: "There's a clear shift in cybercriminals' preference towards low-tech, high-impact, human-centric tactics. This demands a fundamental rethink of email security – one that addresses the human element as vigilantly as the technological."

He continued: "With cybercriminals mastering the art of human deception, and crafting phishing attacks that bypass conventional defenses, email security in turn demands an approach that weaponises cybercriminals' own actions and uses their patterns to create a unique, future-proofed response."

The analysis draws on proprietary intelligence supported by continuous monitoring of cyber threats around the world. VIPRE Security Group compiles this data to support businesses in fortifying their defences against current and emerging email threats.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Barracuda warns of surge in advanced phishing email threats
Palo Alto Networks unveils Cortex XSIAM 3.0 with AI upgrades
Forrester warns of deepfakes & AI extortion in 2025 threats
Palo Alto Networks launches Prisma AIRS to secure enterprise AI
Palo Alto Networks unveils Prisma SASE browser for AI security
Top stories
Lionfish launches Aquarium AI for instant market insights
Half of consumers trust brands more when using passkeys
Minimus launches with USD $51 million to cut 95% of CVEs
Graylog unveils Spring 2025 release with enhanced security tools
Tuskira launches AI Analyst Workforce to automate threat defence