Cyberthreat Report: Defending against AI threats
Email remains the cornerstone of communication – and also the prime target of increasingly sophisticated cyberattacks powered by AI.
Our 2025 Cyberthreat Report provides essential insights and actionable strategies to help engineers and IT professionals strengthen their email defenses, protect their brands, and stay compliant with evolving security mandates.
Get your free copy
Want your free copy now?
Complete the form below to access this expert guide, packed with advice and security strategies tailored for today’s threat landscape.
The Cyberthreat Report: Key insights for 2025
Malicious insider attacks became the most expensive initial breach vector, averaging $4.92 million in losses per incident.
Shadow IT and unapproved AI technology created new exposure points, with 78% of employees using personal AI tools at work.
Ransomware and extortion attacks accounted for nearlyone in three global breaches, driving some of 2024’s most severe financial losses.
Sneak peek inside the 2025 Cyberthreat Report
Rising AI-driven cyberthreats
AI is changing the cybersecurity landscape. Adoption is growing, with 72% of organizations now using AI in at least one business function, but attackers are weaponizing the same technology. Deepfakes, adaptive malware, and impersonation scams are becoming more convincing and harder to detect, with AI now powering 40% of BEC attacks worldwide.
Email remains essential
Despite the rise of collaboration tools, email remains the backbone of communication. It’s open, universal, and irreplaceable for invoices, customer support, and daily operations. But that same dependency makes it a prime target for cybercriminals.
Email by the numbers
In 2024, over 361 billion emails were sent and received every day, nearly 4.2 million every second. With over 4.4 billion users (more than half the global population), email’s scale amplifies its vulnerability. Every message represents a potential entry point for attackers.
The U.S. reported $16 billion in cybercrime losses
Half of businesses in the UK reported a breach
India experienced a 206% surge in financial losses
China ranked first globally for data breaches
South Africa saw phishing and malware dominate attacks
Only 7 out of 32 Latin American countries have protection plans
Australia recorded 30.2 million phishing attempts
The global impact
The global cost of cybercrime exceeded $9 trillion in 2024.
Other key events in 2024:
The U.S. reported $16 billion in cybercrime losses
Half of businesses in the UK reported a breach
India experienced a 206% surge in financial losses
China ranked first globally for data breaches
Only 7 out of 32 Latin American countries have protection plans
South Africa saw phishing and malware dominate attacks
Australia recorded 30.2 million phishing attempts
The top threats in 2025
Ransomware, insider threats, and supply chain attacks are among the top threats, but AI is accelerating them all. Attackers are using machine learning to power adaptive malware, personalize phishing emails, and even automate multi-vector campaigns. Human error also continues to play a major role, contributing to 68% of all breaches globally.
The state of DMARC
DMARC adoption has accelerated, driven by mandates from providers like Google, Yahoo, and Microsoft. Comparing July 2023 to 2024 with July 2024 to 2025, the number of domains enforcing p=reject policies surged by 149%. This shows a strong global shift from monitoring to full protection.
Meanwhile, DMARCbis (DMARC 2.0) – the upcoming version of the standard – will bring clearer rules, improved reporting, and stronger security to help organizations safeguard their email environments.
Protect your business
Without authentication standards like DMARC, SPF, and DKIM, companies expose themselves to spoofing, phishing, and impersonation. Discover how to take proactive steps to defend your company against AI-powered cyberattacks and their devastating consequences. Download the 2025 Cyberthreat Report to understand evolving threats and the strategies needed to stay ahead.
Get your free copy
Want your free copy now?
Complete the form below to access this expert guide, packed with advice and security strategies tailored for today’s threat landscape.
Elevate your email security with Sendmarc
Sendmarc’s DMARC platform simplifies email authentication from start to finish. With automated DNS updates, real-time monitoring, expert analysis, and detailed reporting, you can strengthen your defenses easily while staying compliant with global regulations.
Protect your brand, customers, and partners against phishing, spoofing, and BEC attacks – today and in the future.
Get in touch to start your journey toward effortless DMARC implementation and future-ready email protection.
Cyberthreat Report FAQs
What is the Cyberthreat Report?
The Cyberthreat Report is Sendmarc’s annual guide that analyzes global email threats, emerging cybersecurity trends, and the latest updates to authentication protocols like Domain-based Message Authentication, Reporting, and Conformance (DMARC).
Who should read the Cyberthreat Report?
The Cyberthreat Report is designed for IT professionals who want actionable strategies to defend against phishing, spoofing, and AI-driven email attacks.
Why is the 2025 Cyberthreat Report important?
The 2025 Cyberthreat Report is important because it shows how artificial intelligence is reshaping cyberattacks, highlights compliance shifts like DMARC 2.0 (DMARCbis), and provides practical steps to protect against identity-based threats.
What new insights are included in the 2025 Cyberthreat Report?
The 2025 Cyberthreat Report includes regional threat data from the U.S., Europe, South Africa, India, and China, a deep dive into AI-powered scams, and expert guidance on mitigating risks such as ransomware, insider threats, and shadow IT.