2026 Email Threat Research Report - GovInfoSecurity

Sublime Security • April 23, 2026   Share Post Share Credit Eligible Email threats are no longer driven by volume - they’re engineered for precision. According to this report, 32% of all attacks were business email compromise (BEC), with attackers increasingly exploiting trust through tactics like thread hijacking, impersonation, and highly customized social engineering. At the same time, AI-powered attacks surged, with nearly 1 in 5 malicious emails in Q4 showing signs of generative AI involvement. As traditional defenses improve, attackers are shifting strategies - combining multiple evasion techniques, abusing trusted platforms, and expanding beyond the inbox into calendars and mobile devices. From QR code phishing and ICS calendar invite attacks to large-scale email bombs, the modern threat landscape is more complex, adaptive, and harder to detect than ever. Download this report to learn: How attackers are shifting from mass campaigns to highly targeted, trust-based attacks The rise of AI-generated phishing and its impact on attack scale and sophistication Emerging techniques like QR code phishing, ICS calendar abuse, and evasion stacking How threat actors exploit trusted platforms (LOTS) to bypass traditional defenses Key recommendations to strengthen detection, response, and resilience in modern email security