Human Factor Report Vol. 2 Offers New Insights on Phishing - Proofpoint

Blog Email and Cloud Threats Proofpoint’s Next Human Factor Report Uncovers New Insights on Phishing and URL-Based Threats SHARE WITH YOUR NETWORK! AUGUST 14, 2025 BRETTE PETERSEN Proofpoint’s new Human Factor report series is a fresh take on how we share insights about the threat landscape. Instead of long, technical reports, this year we’ve shortened them to make them more actionable. Each volume focuses on a specific threat tactic along with key trends and cybercriminal behaviors, which are observed across Proofpoint’s global threat intelligence and backed by data from more than 3.5 billion emails analyzed daily.  In Human Factor, Vol. 1, our globally-recognized threat intelligence experts broke down emerging trends focused on social engineering. In this next edition, Human Factor, Vol. 2, Proofpoint delivers insights about phishing and malicious URLs.   A diversified phishing playbook  Phishing is a form of social engineering in which attackers deceive users into clicking malicious links, downloading harmful files, or handing over sensitive information. Unlike pure social engineering, it’s activated by a click. While the core mechanics haven’t changed, the delivery methods and payloads have evolved dramatically.   For this report, our researchers tracked the scale, sophistication, and delivery methods that cybercriminals are using when it comes to URL-based threats. What they found is that attackers are diversifying, and it’s working. They also observed that attackers are increasingly focused on using malicious links over traditional file-based payloads. And threats are further expanding into mobile and hybrid threat vectors like SMS-based phishing (“smishing”) and QR code phishing.  Key takeaways from the report  URLs are used 4x more often than attachments in malicious emails ClickFix URL-based malware campaigns increased nearly 400% year over year  Approximately 34% of URL-based malware campaigns delivered remote access software  At least 55% of suspected smishing messages contained malicious URLs  There were 4.2 million QR code threats identified by Proofpoint in the first half of 2025  Get more insights  Phishing isn’t just in email anymore, and malware isn’t just in attachments. In spite of thorough awareness training programs and email security investments, phishing remains one of the most persistent and successful attack vectors. That’s because it preys on human instinct, not just technical vulnerabilities. And it isn’t just a nuisance—it’s the front door to data breaches, ransomware attacks, and large-scale fraud.  Our report findings underscore how urgent it is for organizations to reinforce their protections against malicious URLs. It’s also important for them to adapt their defenses to stop multichannel phishing tactics that extend beyond the inbox.  To get more insights from our expert threat researchers, download the full report now.   Previous Blog Post Next Blog Post Subscribe to the Proofpoint Blog