Zscaler 2025 Phishing Report: Shift to Targeted AI-Driven Attacks Despite 20% Global Decline in Phishing Incidents

Zscaler's report reveals a 20% drop in global phishing, with attackers increasingly targeting specific business departments using advanced AI tactics.

Quiver AI Summary

Zscaler's 2025 Phishing Report reveals a significant 20% decline in global phishing incidents, but highlights a shift in tactics, with attackers now targeting specific business departments like IT, HR, and finance using sophisticated, AI-enhanced methods. Popular platforms like Telegram, Steam, and Facebook are increasingly misused for phishing, malware distribution, and identity impersonation. The report notes a dramatic rise in tech support and job scams, with over 159 million incidents reported in 2024. As cybercriminals leverage Generative AI to craft more convincing attacks, Zscaler emphasizes the necessity for organizations to adopt a proactive Zero Trust and AI-driven defense strategy to effectively combat these evolving threats. The report underscores emerging phishing trends, particularly in markets with low security investments, and the need for advanced protective measures to safeguard sensitive operations.

Potential Positives

Zscaler published its 2025 Phishing Report, showcasing its leadership in cloud security and highlighting the effectiveness of its Zero Trust Exchange in blocking over two billion phishing attempts.
The report emphasizes the emerging threat landscape and the need for AI-driven defenses, positioning Zscaler as a critical partner for organizations facing sophisticated cyber threats.
As global phishing incidents decline by 20%, Zscaler's proactive research and insights into targeted attacks reaffirm its commitment to protecting customers amidst evolving attack vectors.

Potential Negatives

Despite a 20% overall decrease in phishing globally, the press release highlights a concerning shift towards more sophisticated and targeted cyber attacks on critical business functions, indicating that existing defenses are not sufficient to combat the evolving threat landscape.
The report implies that Zscaler's existing measures may struggle to keep up with advances in AI-driven phishing tactics, which utilize generative AI to craft flawless scams that can outsmart AI-based defenses, raising questions about the effectiveness of their current security solutions.
There's an indication of a significant gap in security investments, particularly in emerging markets where phishing is rising, suggesting that Zscaler may face challenges in providing adequate protection in those regions without increased resources or support.

FAQ

What are the key findings in the 2025 Phishing Report?

The report highlights a 20% decrease in global phishing, but an increase in targeted attacks on IT, HR, finance, and payroll teams.

Which platforms are most abused for phishing?

Telegram, Steam, and Facebook are the top platforms used for phishing, including impersonation and malware delivery.

How are cybercriminals using AI in phishing attacks?

Cybercriminals leverage Generative AI to create sophisticated scams, generate fake websites, and craft deepfake content to deceive victims.

What is the significance of a Zero Trust + AI defense strategy?

A Zero Trust + AI strategy is critical for organizations to effectively combat evolving phishing threats and prevent potential compromises.

How can Zscaler help organizations defend against phishing?

Zscaler offers a Zero Trust Exchange that protects users, applications, and data through advanced security measures, including AI-powered defenses.

Disclaimer: This is an AI-generated summary of a press release distributed by GlobeNewswire. The model used to summarize this release may make mistakes. See the full release here.

$ZS Congressional Stock Trading

Members of Congress have traded $ZS stock 1 times in the past 6 months. Of those trades, 0 have been purchases and 1 have been sales.

Here’s a breakdown of recent trading of $ZS stock by members of Congress over the last 6 months:

REPRESENTATIVE ROBERT BRESNAHAN sold up to $15,000 on 01/13.

To track congressional stock trading, check out Quiver Quantitative's congressional trading dashboard.

$ZS Insider Trading Activity

$ZS insiders have traded $ZS stock on the open market 38 times in the past 6 months. Of those trades, 0 have been purchases and 38 have been sales.

Here’s a breakdown of recent trading of $ZS stock by insiders over the last 6 months:

AJAY MANGAL has made 0 purchases and 12 sales selling 190,480 shares for an estimated $38,228,210.
ROBERT SCHLOSSMAN (Chief Legal Officer) has made 0 purchases and 15 sales selling 12,938 shares for an estimated $2,575,749.
REMO CANESSA (Chief Financial Officer) has made 0 purchases and 4 sales selling 10,636 shares for an estimated $2,124,196.
ANDREW WILLIAM FRASER BROWN sold 10,000 shares for an estimated $2,060,000
MICHAEL J. RICH (CRO and President of WW Sales) has made 0 purchases and 2 sales selling 7,354 shares for an estimated $1,468,957.
SYAM NAIR (CTO) has made 0 purchases and 2 sales selling 7,035 shares for an estimated $1,405,313.
JAGTAR SINGH CHAUDHRY (CEO & Chairman) has made 0 purchases and 2 sales selling 5,018 shares for an estimated $1,002,674.

To track insider transactions, check out Quiver Quantitative's insider trading dashboard.

$ZS Hedge Fund Activity

We have seen 386 institutional investors add shares of $ZS stock to their portfolio, and 317 decrease their positions in their most recent quarter.

Here are some of the largest recent moves:

VOYA INVESTMENT MANAGEMENT LLC removed 1,467,990 shares (-50.5%) from their portfolio in Q4 2024, for an estimated $264,840,075
TIGER GLOBAL MANAGEMENT LLC added 1,450,000 shares (+inf%) to their portfolio in Q4 2024, for an estimated $261,594,500
UBS GROUP AG added 771,042 shares (+151.5%) to their portfolio in Q4 2024, for an estimated $139,103,687
POINT72 ASSET MANAGEMENT, L.P. removed 627,896 shares (-100.0%) from their portfolio in Q4 2024, for an estimated $113,278,717
FMR LLC added 627,030 shares (+52.2%) to their portfolio in Q4 2024, for an estimated $113,122,482
AMERIPRISE FINANCIAL INC removed 580,586 shares (-80.2%) from their portfolio in Q4 2024, for an estimated $104,743,520
JPMORGAN CHASE & CO removed 577,132 shares (-70.6%) from their portfolio in Q4 2024, for an estimated $104,120,384

To track hedge funds' stock portfolios, check out Quiver Quantitative's institutional holdings dashboard.

$ZS Analyst Ratings

Wall Street analysts have issued reports on $ZS in the last several months. We have seen 11 firms issue buy ratings on the stock, and 0 firms issue sell ratings.

Here are some recent analyst ratings:

Stephens issued a "Overweight" rating on 03/31/2025
Scotiabank issued a "Outperform" rating on 03/06/2025
BMO Capital issued a "Outperform" rating on 03/06/2025
Wedbush issued a "Outperform" rating on 03/06/2025
Bernstein issued a "Outperform" rating on 03/06/2025
RBC Capital issued a "Outperform" rating on 03/06/2025
BTIG issued a "Buy" rating on 03/06/2025

To track analyst ratings and price targets for $ZS, check out Quiver Quantitative's $ZS forecast page.

$ZS Price Targets

Multiple analysts have issued price targets for $ZS recently. We have seen 8 analysts offer price targets for $ZS in the last 6 months, with a median target of $241.0.

Here are some recent targets:

An analyst from Goldman Sachs set a target price of $207.0 on 03/06/2025
An analyst from Scotiabank set a target price of $242.0 on 03/06/2025
An analyst from BMO Capital set a target price of $233.0 on 03/06/2025
An analyst from UBS set a target price of $260.0 on 03/06/2025
An analyst from Robert W. Baird set a target price of $250.0 on 03/06/2025
An analyst from BTIG set a target price of $252.0 on 03/06/2025
Mike Cikos from Needham set a target price of $240.0 on 03/05/2025

Full Release

Key Findings:

Global phishing is down 20% , but attackers are striking deeper, not wider—targeting IT, HR, finance, and payroll teams with high-impact campaigns.
Telegram, Steam, and Facebook are top platforms for phishing – used for both impersonation and malware delivery.
Tech support and job scams increase with 159M+ hits in 2024, preying on users across social platforms.

SAN JOSE, Calif., April 24, 2025 (GLOBE NEWSWIRE) -- Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today published its Zscaler ThreatLabz 2025 Phishing Report, analyzing over two billion blocked phishing attempts between January and December 2024 captured by the Zscaler Zero Trust Exchange™, the world’s largest cloud security platform. The annual report exposes how cybercriminals are using Generative AI to launch surgical, targeted attacks against high-impact business functions – and why a Zero Trust + AI defense strategy is mission critical. The report uncovers a shift from high-volume email blasts to targeted, AI-fueled attacks designed to evade defenses and exploit human behavior. It also offers actionable insight to help organizations defend against this evolving threat landscape.

“The phishing game has changed. Attackers are using GenAI to create near-flawless lures and even outsmart AI-based defenses,” said Deepen Desai, CSO and Head of Security Research, Zscaler. “Cybercriminals are weaponizing AI to evade detection and manipulate victims, which means organizations must leverage equally advanced AI-powered defenses to outpace these emerging threats. Our research reinforces the importance of adopting a proactive, multi-layered approach—combining robust zero trust architecture with advanced AI-driven phishing prevention—to effectively combat the rapidly evolving threat landscape.”

Emerging markets see a surge in phishing activity
While phishing dropped overall by 20% globally and by nearly 32% in the U.S., due in part to rising email authentication standards, attackers transitioned just as fast, launching more attacks on emerging markets like Brazil, Hong Kong, and the Netherlands , often where digital adoption outpaces security investment. Established targets like India, Germany, and the UK remain under sustained pressure, as threat actors adapt to local patterns and seasonal trends.

Community platforms fuel phishing growth
Phishing campaigns are increasingly abusing community-based platforms like Facebook, Telegram, Steam, and Instagram – not only spoofing their brands, but using them to distribute malware, mask C2 communications, gather target intel, and carry out social engineering attacks. Meanwhile, tech support scams, where attackers pose as IT support teams to exploit urgency and safety concerns of victims, remain widespread with 159,148,766 hits in 2024 .

Threat actors capitalize on AI: Phishing-as-a-Service and AI deception on the rise
Cybercriminals are using GenAI to scale attacks, generate fake websites, and craft deepfake voice, video, and text for social engineering. New scams mimic AI tools – such as resume generators and design platforms – tricking users into handing over credentials or payment data. Critical departments like payroll, finance, and HR are prime targets, along with executives – as they hold the keys to sensitive systems, information, and processes, and can more easily approve fraudulent payments.

Cybercriminals are also creating fake “AI assistant” or “AI agent” websites, falsely offering services such as resume generation, graphic design, workflow automation, and more. As AI tools become increasingly integrated into daily life, attackers are capitalizing on the ease of use and trust around AI to drive unsuspecting users to fraudulent sites.

Zscaler can help: Defending against AI threats with Zero Trust everywhere + AI
As cybercriminals continue to use GenAI to develop new tactics and deliver more sophisticated attacks, enterprises need to strengthen their defenses against every type of compromise.

The Zscaler Zero Trust Exchange protects users, applications, and data across all phases of the attack chain by:

Minimizing the attack surface
Preventing initial compromise
Eliminating lateral movement
Shutting down insider threats
Stopping data loss

Zscaler AI -powered offerings add advanced protection by securing public AI use, shielding private AI models, and detecting AI-generated threats.

Download the Report
Get the full ThreatLabz 2025 Phishing Report to explore emerging trends and attack vectors. Learn why a Zero Trust + AI approach is critical to staying ahead of today’s phishing threats. Download today.

Research Methodology
Zscaler ThreatLabz analyzed 2 billion blocked phishing transactions between January–December 2024, exploring various aspects including the top phishing attacks, targeted countries, hosting countries for phishing content, distribution of company types based on server IP addresses, and the top referrers linked to these phishing attacks. Additionally, ThreatLabz tracked and examined notable phishing trends and use cases observed throughout 2024.

About ThreatLabz
ThreatLabz is the security research arm of Zscaler. This world-class team is responsible for hunting new threats and ensuring that the thousands of organizations using the global Zscaler platform are always protected. In addition to malware research and behavioral analysis, team members are involved in the research and development of new prototype modules for advanced threat protection on the Zscaler platform, and regularly conduct internal security audits to ensure that Zscaler products and infrastructure meet security compliance standards. ThreatLabz regularly publishes in-depth analyses of new and emerging threats on its portal, research.zscaler.com .

About Zscaler
Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange™ platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SASE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.

Media Contacts
Nick Gonzalez
Sr. Manager, Media Relations
[email protected]

A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/6b96dd38-9f87-4353-85b3-13a0086fc129