SpyCloud Data Shows Corporate Users 3x More Likely to Be Targeted by Phishing Than by Malware

Phishing has surged 400% year-over-year, highlighting need for real-time visibility into identity exposures.

SpyCloud, the leader in identity threat protection, today released new data showing a sharp rise in phishing attacks that disproportionately target corporate users. The company tracked a 400% year-over-year increase in successfully phished identities, with nearly 40% of the 28+ million recaptured phished records containing a business email address – compared to just 11.5% in recaptured malware data. The result is a warning to enterprises that their workforce is three times more likely to be targeted with phishing attacks than infostealer malware. 

The findings reinforce a growing shift in cybercriminals’ strategy: phishing is now the preferred gateway into enterprise environments, and SpyCloud sees this trend continuing in 2026. Threat actors are using this access as a launchpad for follow-on attacks, with SpyCloud reporting in its 2025 Identity Threat Report that phishing is now the leading entry point ...