Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Imposter scams were the most commonly reported type of fraud in 2025, with Americans reporting $3.5 billion in losses, according to new data from the US Federal Trade Commission (FTC). Reported losses have increased nearly three times since 2020, and the true number is likely much higher since many scams go unreported. Losses across all types of fraud surged to $16 billion, a 25% increase compared to 2024.

Multiple sophisticated phishing kits are now focusing on harvesting device codes to breach accounts without a password, according to researchers at LevelBlue. “Device code phishing exploits a legitimate Microsoft authentication flow to harvest Microsoft 365 access and refresh tokens without ever capturing a password,” the researchers explain. “The core mechanic is straightforward: whoever initiates the authentication request receives the resulting tokens.

A newly surfaced extortion brand called “Pink” is using voice phishing and fake IT support calls to breach organizations, the Register reports. The threat actor may be a rebrand of prior extortion groups, including BlackFile and Redact, though its tactics remain the same.

Threat actors are increasingly abusing workplace collaboration tools like Microsoft Teams to launch social engineering attacks, according to researchers at Palo Alto Networks’s Unit 42. Attackers are sending Teams messages that impersonate IT personnel, asking users to approve a multifactor authentication prompt. Both criminal and nation-state threat actors are using this social engineering technique to compromise organizations’ environments.

Phishing scams surged across social media platforms during the first quarter of 2026, according to a new report from the Anti-Phishing Working Group (APWG). “Threat volume increased in Q1 2026 on every social media platform, predominantly in two formats: Scams (27.1 percent of all threats) and Impersonation (43.8 percent of all threats),” the report says. The APWG adds, “Impersonation became more prevalent than in the previous quarter.

As employees increasingly rely on AI tools and AI agents in daily workflows, organizations are facing a new workforce security challenge: how to reduce risk without slowing productivity. Security leaders are no longer just protecting systems and identities. They also need to manage how employees interact with AI-generated content, automation, and decision support tools.

The US Federal Bureau of Investigation (FBI) warns that Americans lost just under $900 million to AI-powered scams in 2025, Malwarebytes reports. Total reported losses to scams last year reached nearly $21 billion, a 26% increase from 2024. The researchers note that the true losses are likely much higher, since many attacks go unreported. “The main drivers behind the rise in AI-powered scams are voice cloning, deepfake images and videos, and AI‑generated scripts,” Malwarebytes says.

Phishing has always been a game of impersonation. But for decades, the tell was in the details: a misspelled word here, an awkward sentence there, a logo that was just slightly off. Security awareness training built an entire doctrine around those cues. Spot the typo, avoid the trap. That playbook is now obsolete. KnowBe4's latest Phishing Trends Report found that 86% of phishing attacks observed in the last six months involved some level of AI assistance.

An AI-driven system at a beverage manufacturer recently churned out several hundred thousand excess cans after misreading unfamiliar packaging. The system didn’t recognize the company’s new holiday labels, flagged them as an error, and triggered additional production runs before the company caught the mistake. The system followed its instructions perfectly.

Enterprise AI agent adoption has created a massive blind spot: 83% of organizations have no visibility into what their AI agents are doing, while 86% lack visibility into their AI data flows. With 1 in 3 enterprise employees now using an AI assistant daily — mostly without security governance — this visibility gap has become a critical enterprise risk. The security industry's response splits into two distinct layers.