Phishing Attacks: A 2026 Analytical Reference

Last updated: May 13, 2026 By Nudge Research

An analytical reference on phishing in 2026 — channel evolution data, AI-impact analysis, and what the numbers reveal about the largest attack vector in modern fraud.

The Phishing Landscape By The Numbers

Phishing accounted for an estimated 84% of social engineering-based fraud in 2025. The category remains the single largest attack vector across consumer and business fraud, with the Anti-Phishing Working Group documenting approximately 6.4 million unique phishing sites identified during the year.

84% of social engineering-based fraud uses phishing as the entry vector. Source: Anti-Phishing Working Group (APWG) Q4 2025 report.

Three measurable shifts have defined the 2025 phishing landscape:

Phishing Landscape Evolution 2022 → 2025

| Dimension | 2022 | 2025 | Change |
|---|---|---|---|
| Email share of phishing | 78% | 61% | -17pp |
| SMS phishing share | 9% | 23% | +14pp |
| Voice phishing share | 8% | 11% | +3pp |
| Other channels (QR, social) | 5% | 5% | No change |
| Phishing emails defeating content-based detection | ~24% | ~47% | +23pp |
| Active phishing sites identified annually | ~3.5M | ~6.4M | +83% |

Channel share calculated from APWG and FTC reports combining phishing-attempt data across multiple sources. Content-based detection defeat rate reflects aggregated reporting from email security analysts.

The shifts reveal three structural patterns: phishing has expanded across new channels rather than simply growing in volume, AI-enabled content quality has materially eroded traditional detection signals, and the absolute scale of operations has nearly doubled despite improved detection infrastructure.

Brand Impersonation Analysis

Brand impersonation remains the dominant phishing technique. The pattern works because most recipients actually have accounts with the impersonated services — creating high relevance for substantial percentages of any mass-distributed campaign.

Most-Impersonated Brands In 2025 Phishing

| Brand | Share Of Brand Impersonation | Primary Pretext |
|---|---|---|
| Microsoft | 24% | Office 365 password expiration, account suspension |
| Amazon | 18% | Unauthorized order, account verification |
| Apple | 11% | iCloud storage, Apple ID verification |
| PayPal | 9% | Account limitations, suspicious activity |
| Google | 7% | Drive sharing, account security |
| Netflix | 5% | Payment failure, account suspension |
| Banks (aggregate) | 14% | Account verification, fraud alerts |
| Other | 12% | Various retailers, services |

Aggregate share of brand impersonation reports. Many phishing operations use multiple brand pretexts across campaign waves.

The concentration in technology platforms (Microsoft, Apple, Google) reflects their universal reach — virtually all U.S. adults have at least one account with these providers. Amazon's high share reflects its position as the dominant e-commerce platform, with order-confirmation pretexts achieving high credibility because most recipients actually have recent or upcoming orders.

Bank impersonation, though distributed across multiple institutions, totals 14% of reports — the largest sector-aggregated category. The bank phishing subset shows distinctive characteristics: higher loss per successful attempt (due to direct financial access), greater use of voice follow-up after initial email/SMS contact, and more sophisticated infrastructure including spoofed bank phone numbers.

The SMS Phishing Surge

SMS phishing ("smishing") has grown faster than any other phishing category, expanding from 9% of phishing reports in 2022 to 23% in 2025. Several structural factors drive the growth:

Why SMS Phishing Outgrew Other Channels

| Factor | Effect |
|---|---|
| Bypasses email filtering infrastructure | Higher delivery rates than email |
| Mobile-context urgency | Encourages rapid action over careful evaluation |
| Short message format | Limits visible signals users might evaluate |
| Personal mobile numbers widely available | Targeting infrastructure improved via data breaches |
| Sender ID spoofing capabilities | Can appear from any source including legitimate brands |
| Carrier-level fraud detection less mature | Detection systems lag email infrastructure |

The 2025 SMS phishing pattern distribution:

2025 SMS Phishing Pattern Distribution

| Pattern | Share Of Smishing Reports | Typical Capture Goal |
|---|---|---|
| Package delivery | 34% | Payment info via "redelivery fee" |
| Bank alert | 21% | Account credentials via voice follow-up |
| Tax authority | 14% | Personal info, payment |
| Family emergency | 11% | Wire transfer, gift card payment |
| Toll/parking violation | 9% | Payment info |
| Account verification (various) | 7% | Credentials |
| Other | 4% | Various |

The package delivery pattern's dominance reflects effective psychological targeting — most Americans have packages in transit at any given time, creating high baseline relevance for "delivery problem" messages. The urgency framing typical of these messages ("Your package will be returned in 24 hours") encourages immediate action over careful verification. The small fee amounts ($2.99-$5.99) seem reasonable enough to defeat suspicion thresholds.

Operational analysis: The package delivery scam's effectiveness reveals an asymmetry — fraudsters can target hundreds of millions of recipients with low per-attempt cost, while consumers face individual judgment about each message in seconds. Even modest success rates generate substantial aggregate returns.

The AI Quality Inflection

2025 was the first year showing measurable AI impact on phishing effectiveness. The data reveals the inflection in several observable dimensions:

AI Impact On Phishing Detection (2022 vs 2025)

| Detection Heuristic | 2022 Effectiveness | 2025 Effectiveness |
|---|---|---|
| "Grammatical errors as signal" | High | Low (largely obsolete) |
| "Awkward phrasing detection" | High | Low |
| "Brand template mismatch" | Moderate | Low (AI replicates accurately) |
| "Generic greeting suspicion" | Moderate | Low (personalization at scale) |
| "Reverse-image-search verification" | High | Low (synthetic photos) |
| "Voice cloning resistance" | N/A | Low (accessible cloning tools) |

The traditional phishing detection paradigm relied on surface-level content quality signals — typos, awkward phrasing, obviously fake formatting. Generative AI has systematically defeated each of these signals:

Grammar and phrasing: AI tools produce fluent, professional copy. The 2025 phishing email reads like legitimate communication. Email security analysts report that the percentage of phishing emails defeating content-based detection has roughly doubled since 2023.

Visual design replication: AI-assisted design tools enable precise brand replication. The visual experience of a 2025 phishing email is functionally identical to legitimate brand communication.

Voice cloning emergence: Voice phishing has been transformed by accessible cloning. Fraudsters can now generate convincing voice samples from publicly available social media content. The grandchild impersonation pattern (95% of victims 60+, $9,000 average loss) has dramatically increased in effectiveness since AI cloning tools became accessible.

Personalization at scale: Mass-targeting phishing campaigns now use AI to customize content for individual recipients based on publicly available information. The economic barrier that previously limited targeted phishing to high-value targets has largely dissolved. "Hi John, your recent Amazon order #ABC123 has shipped" hits with much higher credibility than generic versions — even when order numbers are fabricated.

The paradigm shift: Detection that depends on surface-level content quality is failing as AI improves. The "spot the bad grammar" generation of fraud advice is becoming obsolete. Effective defense is shifting toward structural verification — checking sender domains exactly, verifying URLs character-by-character, confirming identity through independent channels.
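The structural verification described above can be expressed as a check on where a link actually points rather than on how the message reads. The following is an added example, not code from the original article; the trusted-domain list, the function names and the two-label registrable-domain shortcut are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: domains the recipient really has accounts with (illustrative list).
TRUSTED_DOMAINS = ("microsoft.com", "amazon.com", "apple.com", "paypal.com")


def edit_distance(a, b):
    """Levenshtein distance; catches one- or two-character substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_link(url):
    """Return (verdict, reason); verdict is 'match', 'suspicious' or 'unknown'."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "suspicious", "unparseable URL"
    if parts.scheme not in ("http", "https") or not host:
        return "unknown", "not an absolute http(s) URL"
    labels = host.split(".")
    # Non-ASCII or punycode labels can render as look-alike letters.
    if not host.isascii() or any(lab.startswith("xn--") for lab in labels):
        return "suspicious", "internationalized hostname"
    # Text before '@' is userinfo, not the host the browser connects to.
    if parts.username is not None:
        return "suspicious", "userinfo before @ hides the real host"
    for trusted in TRUSTED_DOMAINS:
        # The only pass condition: the trusted domain itself or a subdomain of it.
        if host == trusted or host.endswith("." + trusted):
            return "match", "host is under " + trusted
    # Simplification: treat the last two labels as the registrable domain
    # (correct for .com; a production check would use the Public Suffix List).
    registrable = ".".join(labels[-2:])
    for trusted in TRUSTED_DOMAINS:
        brand = trusted.split(".")[0]
        if any(brand in label for label in labels):
            return "suspicious", "brand name used outside " + trusted
        if edit_distance(registrable, trusted) <= 2:
            return "suspicious", "near-miss spelling of " + trusted
    return "unknown", "unrelated to any trusted domain"


if __name__ == "__main__":
    # Constructed sample links, not taken from real campaigns.
    for sample in ("https://account.microsoft.com/security",
                   "https://microsoft.com.account-verify.example/login",
                   "https://paypal.com@login.example.net/",
                   "https://micros0ft.com/"):
        print(sample, "->", check_link(sample))
```

The brand-name and near-miss rules are heuristics and will flag some legitimate hosts; only the "match" verdict is an exact structural check.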

Business Email Compromise Analysis

Business email compromise (BEC) — targeted phishing aimed at business financial transactions — represents a distinct subcategory with materially different operational economics from consumer phishing.

$1.4B in U.S. business losses to BEC in 2025. Source: FBI Internet Crime Complaint Center (IC3).

BEC operates through several distinct attack patterns:

BEC Attack Pattern Distribution (2025 IC3 Data)

| Pattern | Share Of BEC Reports | Median Loss |
|---|---|---|
| CEO/Executive impersonation | 32% | $32,000 |
| Vendor payment routing change | 28% | $45,000 |
| Customer refund fraud | 17% | $18,000 |
| HR/payroll information request | 12% | $8,000 |
| Attorney/legal counsel impersonation | 7% | $28,000 |
| Other | 4% | Various |

The vendor payment routing change pattern generates the highest median loss ($45,000) and represents the most sophisticated BEC variant. Operational sequence: fraudsters compromise either the target business's email or the vendor's email (often through earlier phishing), monitor communications to understand payment workflows, then inject fraudulent "we've changed our banking details" messages timed to coincide with legitimate invoice payment.

BEC differs fundamentally from consumer phishing in operational economics. Per-incident losses ($25,000-$45,000 median by pattern type) make targeted research economically viable. Where consumer phishing operates on mass-distribution low-conversion economics, BEC operates on targeted-research high-conversion economics. The two patterns therefore exhibit different defensive requirements.
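For the vendor payment routing change pattern, an accounts-payable mailbox can be screened so that any banking-change request is held for confirmation through an independent channel. The following is an added example, not code from the original article; the vendor domain on file, the finding labels and the sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: vendor domain from the accounts-payable master record (hypothetical).
VENDOR_DOMAIN_ON_FILE = "northwind-supplies.example"

# Wording that asks to change where payments are sent.
BANK_CHANGE = re.compile(
    r"\b(changed|updated|new)\s+(our\s+)?(bank(ing)?|account|remittance|payment)"
    r"\s+(details|information|instructions)\b",
    re.IGNORECASE,
)


def _domain(header_value):
    """Domain of the real address in a header, ignoring the display name."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def review_payment_email(raw):
    """Return findings for one message that claims to come from the vendor."""
    msg = message_from_string(raw)
    findings = []
    display, _ = parseaddr(msg["From"] or "")
    from_dom = _domain(msg["From"])
    reply_dom = _domain(msg["Reply-To"])
    if from_dom != VENDOR_DOMAIN_ON_FILE:
        findings.append("from-domain-not-on-file")
    # A display name that is itself an address is what many mail clients show.
    if "@" in display and display.rpartition("@")[2].lower() != from_dom:
        findings.append("display-name-shows-other-address")
    if reply_dom and reply_dom != from_dom:
        findings.append("reply-to-diverges")
    # Simplification: plain-text, unencoded parts only.
    body = " ".join(
        p.get_payload() for p in msg.walk()
        if not p.is_multipart() and isinstance(p.get_payload(), str)
    )
    if BANK_CHANGE.search(body):
        # Held even when headers are clean: the vendor's real mailbox may be
        # the compromised one, so only an out-of-band callback can confirm.
        findings.append("bank-detail-change-request")
    return {"findings": findings, "hold_for_callback": bool(findings)}


# Constructed sample messages (not real traffic).
SPOOFED = "\n".join([
    'From: "billing@northwind-supplies.example" <accounts@northwind-supplies-billing.example>',
    "Reply-To: treasury@mailbox.example",
    "Subject: Invoice 1042",
    "",
    "Our new bank details are attached. Please use them for this invoice.",
])
COMPROMISED_MAILBOX = "\n".join([
    "From: Northwind Supplies <billing@northwind-supplies.example>",
    "Subject: Invoice 1042",
    "",
    "Please note we have changed our banking details ahead of the next payment run.",
])
ROUTINE = "\n".join([
    "From: Northwind Supplies <billing@northwind-supplies.example>",
    "Subject: Invoice 1043",
    "",
    "Invoice 1043 is attached, due in 30 days.",
])
```

The second sample has clean headers and is still held, which reflects the case where the vendor's own mailbox is the one that was compromised.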

Voice Phishing And Demographic Targeting

Voice phishing ("vishing") has grown alongside AI capabilities. While volume remains lower than email or SMS phishing, per-incident losses are notably higher — particularly for older demographics.

Voice Phishing Pattern Analysis (2025)

| Pattern | Primary Demographic | Avg Loss | Trend |
|---|---|---|---|
| Tech support scams | 73% age 50+ | $1,395 | Stable |
| Grandchild impersonation | 95% age 60+ | $9,000+ | Sharply rising (AI voice cloning) |
| Medicare/SSA impersonation | 87% age 60+ | $1,800 | Stable |
| IRS impersonation | Mixed | $1,200 | Declining (awareness) |
| Bank fraud "investigator" | Mixed | $4,800 | Rising |

Demographic concentrations reflect the targeted nature of specific scripts. Grandchild impersonation and Medicare/SSA scams are specifically designed around older-adult demographics; their victim distribution reflects targeting rather than random vulnerability.

The grandchild impersonation pattern's sharp 2025 rise tracks AI voice cloning accessibility. The pattern's mechanics:

  1. Initial call with urgent emergency narrative
  2. AI-cloned voice of the grandchild begging for help
  3. "Attorney" or "officer" takes the phone to explain payment requirements
  4. Demand for immediate cash, wire transfer, or gift cards
  5. Pressure not to contact other family members ("privacy" or "embarrassment" framing)

The voice cloning component is the 2025 inflection. Fraudsters can now generate convincing voice samples from publicly available social media content — a public TikTok video, podcast appearance, or family video provides enough audio to clone. The "I would have recognized it wasn't really my grandchild" defense that protected older adults historically has been substantially eroded.

The tech support scam pattern remains structurally stable but operates with consistent demographic concentration. Pop-up warnings, cold calls from "support technicians," and search engine ads for fake support phone numbers all funnel toward remote access software installation, fabricated diagnostic "findings," and payment for fake services. 73% of victims are 50+, with the demographic concentration reflecting both targeting infrastructure (specifically aimed at older adults) and reduced familiarity with how real tech support operates.

Why Modern Phishing Defeats Skepticism

Understanding why phishing succeeds — particularly against people who "should know better" — informs effective defense beyond surface-detection advice.

Quality has genuinely improved beyond detection. The traditional skepticism framework relied on surface signals (grammar, formatting, awkwardness). Because AI has eliminated these signals, the framework now produces false negatives at high rates. The 2025 phishing email looks legitimate even under careful inspection.

Time pressure bypasses critical thinking. Nearly every effective phishing pattern includes urgency framing. Analysis of successful phishing in 2025 reveals consistent urgency elements:

Urgency Frameworks In Successful 2025 Phishing

| Urgency Type | Share Of Successful Phishing |
|---|---|
| "Account will be suspended in [hours]" | 34% |
| "Immediate payment required to avoid [consequence]" | 26% |
| "Suspicious activity detected — verify now" | 22% |
| "Time-limited offer expires today" | 11% |
| "Package will be returned if not addressed" | 7% |

The familiarity heuristic works against detection. Brand impersonation succeeds because most recipients actually have accounts with the impersonated services. A "Microsoft Office 365" phishing email reaches a substantial percentage of recipients who are actually Microsoft 365 users. Initial assumed legitimacy is amplified when phishing leverages context — receiving a "delivery problem" SMS while actually expecting a package, or a "suspicious activity" alert shortly after legitimate suspicious-seeming activity (like a travel purchase).

Personalization defeats generic-detection. Phishing that references real personal details — employer name, recent purchases, family members — defeats the "this looks like a mass email" detection heuristic. AI-enabled personalization at scale has made this approach economically viable for fraudsters operating mass-targeting campaigns. The economic barrier between mass and targeted phishing has substantially dissolved.

The urgency tell: Legitimate organizations rarely require immediate action via email or SMS for important account matters. They use mail, in-app notifications, and customer service channels for time-sensitive issues. Urgency in unsolicited communication is itself a fraud signal — possibly the most reliable remaining signal as content-quality signals deteriorate.

What The Data Suggests Going Forward

Several 2025 patterns are likely to define the 2026 phishing landscape:

AI sophistication will continue to outpace detection. The 2022-2025 trajectory shows content-based detection deteriorating from ~76% effectiveness to ~53% effectiveness. Absent fundamental detection paradigm shifts (moving from content-based to behavior-based detection), the trajectory will continue.

QR code phishing will grow as a category. The "quishing" pattern (QR codes in emails, physical signage, or mail directing to phishing sites) exploits the visual nature of QR codes, where users can't see destination URLs before scanning. Restaurant menus, parking meters, and similar legitimate contexts have normalized QR code usage, providing cover for fraudulent variants. The category was approximately 2% of 2025 phishing, but the trajectory suggests substantial growth potential.

Multi-channel coordinated attacks will become standard. Sophisticated phishing operations are increasingly coordinating across channels — initial email creating context, SMS reinforcement, then voice call from a "support representative" who has knowledge of the previous communications. The multi-channel approach overcomes the skepticism that any single channel might trigger.

Voice cloning will accelerate vishing growth. The grandchild impersonation pattern's effectiveness with AI voice cloning makes the pattern economically attractive for criminal expansion. Expected outcomes: more operations targeting this demographic, higher per-incident losses as cloning improves, and erosion of the "I would have recognized their voice" defense.

Personalization will continue democratizing targeted attacks. AI-enabled mass personalization has dissolved the economic barrier between mass and targeted phishing. The implication: targeted-style attacks (referencing real personal details, specific to individual recipients) will become viable at mass scale.

The aggregate analytical conclusion: phishing is structurally moving toward defeating consumer defense rather than facing it. Detection through content quality, brand template recognition, voice familiarity, and generic-content suspicion is deteriorating on all of these fronts simultaneously. Effective defense requires either substantially improved technical literacy (an unrealistic expectation across general populations) or accessible tools that verify communication legitimacy at the infrastructure level.

Frequently Asked Questions

How prevalent is phishing in the 2026 fraud landscape?

Phishing accounts for an estimated 84% of social engineering-based fraud and remains the single largest attack vector across consumer and business fraud. The Anti-Phishing Working Group documented approximately 6.4 million unique phishing sites identified in 2025 — an 83% increase from 2022's ~3.5 million.

Why is SMS phishing growing faster than email phishing?

SMS phishing grew from 9% of phishing reports in 2022 to 23% in 2025 — faster than any other channel. Structural factors driving growth: bypasses email filtering infrastructure (higher delivery rates), mobile-context encourages rapid action, short message format limits visible signals users can evaluate, personal mobile numbers widely available through data breaches, sender ID spoofing capabilities, and carrier-level fraud detection less mature than email infrastructure.

What brands are most commonly impersonated in phishing?

2025 brand impersonation share: Microsoft (24%), Amazon (18%), Apple (11%), PayPal (9%), Google (7%), Netflix (5%), banks aggregated (14%), and other retailers/services (12%). The concentration in technology platforms reflects their universal reach — virtually all U.S. adults have accounts with these providers, creating high baseline relevance for any mass campaign.

How has AI changed phishing effectiveness?

2025 was the first year showing measurable AI impact. Content-based detection effectiveness dropped from ~76% in 2022 to ~53% in 2025. Specific impacts: grammatical/phrasing tells largely eliminated, visual brand replication near-perfect through AI-assisted design, voice cloning enabling convincing vishing calls, synthetic profile photos defeating reverse-image-search, and personalization at scale defeating generic-content detection. The 'spot the bad grammar' detection paradigm is becoming obsolete.

What is the most common SMS phishing pattern?

Package delivery scams represent 34% of 2025 SMS phishing reports — the largest single category. The pattern works because most Americans have packages in transit at any given time, creating high baseline relevance. Urgency framing ('returned in 24 hours') encourages immediate action. Small fee amounts ($2.99-$5.99) defeat suspicion thresholds. The actual capture goal is payment information, not the small fee itself.

How much do businesses lose to business email compromise (BEC)?

BEC generated $1.4 billion in U.S. business losses in 2025. Per-incident losses are dramatically higher than consumer phishing — median losses by pattern: vendor payment routing change ($45,000), CEO/executive impersonation ($32,000), attorney/legal counsel impersonation ($28,000), customer refund fraud ($18,000), HR/payroll information request ($8,000). The targeted research model makes per-incident economics viable for sophisticated operations.

Why are older adults disproportionately affected by voice phishing?

Demographic concentration reflects targeting infrastructure rather than random vulnerability. Tech support scams: 73% age 50+. Grandchild impersonation: 95% age 60+. Medicare/SSA impersonation: 87% age 60+. These patterns are specifically designed around older-adult demographics — script content, authority deference patterns, and assumed unfamiliarity with technology error messages all calibrate to this cohort.

How has AI voice cloning affected the grandchild impersonation scam?

The grandchild impersonation pattern's sharp 2025 rise tracks AI voice cloning accessibility. Fraudsters can now generate convincing voice samples from publicly available social media content — a public TikTok video, podcast appearance, or family video provides enough audio to clone. The 'I would have recognized their voice' defense that historically protected older adults has been substantially eroded. Average losses ($9,000+) substantially exceed pre-AI levels.

What role does urgency play in successful phishing?

Nearly every effective phishing attack includes urgency framing. 2025 analysis of successful phishing: 'Account will be suspended' (34%), 'Immediate payment required' (26%), 'Suspicious activity detected — verify now' (22%), 'Time-limited offer expires today' (11%), 'Package will be returned' (7%). Urgency bypasses critical thinking and forces rapid decision-making. Legitimate organizations rarely require immediate action via email or SMS — urgency in unsolicited communication is itself a fraud signal.

What is QR code phishing or 'quishing'?

An emerging category where QR codes embedded in emails, physical signage, or printed mail direct to phishing sites. The pattern exploits QR codes' visual nature: users can't see destination URLs before scanning. Restaurant menus, parking meters, and similar legitimate contexts have normalized QR code usage, providing cover for fraudulent variants. The category was approximately 2% of 2025 phishing, but the trajectory suggests substantial growth potential.

Why are content-based phishing detection methods becoming less effective?

The 2022-2025 effectiveness trajectory shows content-based detection deteriorating from ~76% to ~53%. Generative AI has systematically defeated each traditional content signal: grammar and phrasing tells eliminated, visual brand replication near-perfect, reverse-image-search defeated by synthetic photos, voice cloning eliminating audio familiarity signals, and personalization at scale defeating generic-content detection. The defense paradigm must shift toward structural verification (sender domain, URL character verification, independent confirmation) rather than content quality assessment.

What's the difference between mass phishing and targeted (BEC) phishing economics?

Consumer phishing operates on mass-distribution low-conversion economics: millions of messages with low success rates generate aggregate returns. BEC operates on targeted-research high-conversion economics: research-intensive operations against specific business targets with high per-incident extraction. AI-enabled mass personalization is dissolving the economic barrier between these models. Targeted-style attacks (referencing real personal details) becoming viable at mass scale is the major 2026 trajectory.