2025 saw a huge amount of attacker innovation when it comes to phishing attacks, as attackers continue to double down on identity-based techniques. The continual evolution of phishing means it remains one of the most effective methods available to attackers today — in fact, it’s arguably more effective than ever.
Let’s take a closer look at the key trends that defined phishing attacks in 2025, and what these changes mean for security teams heading into 2026.
#1: Phishing goes omni-channel
We’ve been talking about the rise of non-email phishing for some time now, but 2025 was the year phishing truly went omni-channel.
Although most of the industry’s data on phishing still comes from email security vendors and tools, the picture is starting to change. Roughly 1 in 3 phishing attacks detected by Push Security were delivered outside of email.
There are many examples of phishing campaigns operated outside of email, with LinkedIn DMs and Google Search being the top channels we identified. Notable campaigns include:
Fake private equity fund page hosted on Google Sites.
Custom investment fund landing page hosted on Firebase.
Malvertising link for “Google Ads” taking the top Sponsored Results spot.
Phishing via non-email channels has a number of advantages. With email being the best protected phishing vector, it sidesteps these controls entirely. There’s no need to build up your sender reputation, find ways to trick content analysis engines, or hope your message doesn’t end up in the spam folder.
... continue reading