Beyond the inbox: ThreatLabz 2025 Phishing Report reveals how phishing is evolving in the age of genAI

ThreatLabz uncovered many significant evolving trends in phishing attacks, with attackers adopting advanced tactics to bypass defenses and exploit human trust. The report highlights five key trends shaping the phishing landscape:

• Vishing takes center stage: Voice phishing (vishing) has become a prominent tactic, with attackers impersonating IT support to steal credentials in real time.
• CAPTCHA as a shield for phishing sites: Attackers are using CAPTCHAs to make phishing pages appear legitimate and evade security tools.
• Crypto scams on the rise: Fake cryptocurrency exchanges and wallets lure users through convincing decoy sites, enabling attackers to steal credentials and access victims’ digital funds.
• Phishing targets AI hype: Fraudulent “AI agent” websites that mimic real platforms are exploiting the growing trust in AI to steal user credentials and payment details.

Zscaler Zero Trust Exchange mitigates AI-powered phishing attacks

Phishing is no longer just spam that clogs inboxes—it is now powered by AI to exploit human vulnerability. The Zscaler Zero Trust Exchange is designed to combat these increasingly sophisticated attacks at every stage of the attack chain, turning the tables on cybercriminals.

Preventing Initial Compromise

Phishing attacks strike where trust is most fragile. Zscaler decrypts and inspects TLS/SSL traffic inline to block malicious content in real time, using AI-powered threat detection to identify phishing sites, malware, and zero day payloads. Suspicious websites are isolated in Zero Trust Browser sessions, shielding users from drive-by downloads, malware, and zero-day infections. Dynamic access controls continuously adjust user permissions based on risk signals, helping block threats without disrupting legitimate user activity and workflows.

Eliminating Lateral Movement

Phishing doesn’t stop at initial compromise—attackers aim to infiltrate and expand. Zscaler prevents lateral movement by connecting users directly to applications—not networks—ensuring compromised accounts can’t cascade into systemic breaches. AI-powered segmentation enforces least-privileged access at the application level, reducing the blast radius to a single siloed application and containing threats before they can spread.

Shutting Down Compromised Accounts and Insider Threats

Zscaler enforces context-aware policies, leveraging signals like user identity and behavior and device posture, to ensure only authenticated users and devices gain access to applications, data, and workloads, strengthened by integrated multi-factor authentication (MFA). For the attackers hiding in the shadows, deception technology deploys fake assets that detect and trap attackers early—catching them before they do real harm.

Preventing Data Theft at Every Level

Zscaler safeguards sensitive data with real-time traffic inspection, even for encrypted data flows, ensuring no exfiltration takes place. Data Loss Prevention (DLP) policies extend these protections across apps, email, and even emerging GenAI tools, securing what matters most.

Phishing may be evolving, but with Zscaler’s Zero Trust Exchange, organizations can stay ahead and redefine their cyber defense for a new generation of threats.