Phishing Stays the High Preliminary Entry Vector in Cyberattacks Throughout Europe

Phishing was the preliminary entry vector for 60% of cyberattacks throughout Europe between July 2024 and June 2025, in accordance with the European Union Company for Cybersecurity (ENISA). 

“Close to the first technique for preliminary intrusion, phishing (together with vishing, malspam and malvertising) is recognized because the main vector, accounting for about 60% of noticed circumstances,” the company says.

“Developments in its deployment, comparable to Phishing-as-a-Service (PhaaS) that permits the distribution of ready-made phishing kits, point out an automation that paves the best way for attackers no matter their expertise.”

The company warns that AI instruments have launched new dangers by aiding in cyberattacks and as a goal for assaults themselves.

“The rising function of AI has turn out to be an simple key development of the quickly evolving risk panorama,” the researchers write. “The report highlights AI use each as an optimisation instrument for malicious actions but additionally as a brand new level of publicity. Giant Language Fashions (LLMs) are getting used to boost phishing and automate social engineering actions. By early 2025, AI-supported phishing campaigns reportedly represented greater than 80 p.c of noticed social engineering exercise worldwide.

“Assaults on the AI provide chain are on the rise. Whereas the main focus of risk actions involving AI was the usage of consumer-grade AI instruments to boost their current operations, the emergent malicious AI programs is elevating considerations about their capabilities sooner or later as a result of widespread use of AI fashions.”

ENISA additionally notes a rise in provide chain assaults, which may enable risk actors to scale their assaults by going after a sufferer’s prospects.

“Intently linked to latest occasions within the EU, a rise in focusing on cyber dependencies has been famous,” the company says. “Cybercriminals have intensified their efforts to abuse vital dependency factors, for instance within the digital provide chain, to get essentially the most out of their assaults. This technique is ready to enlarge the influence of actions by leveraging the interconnectedness inherent in our digital ecosystems.”

KnowBe4 empowers your workforce to make smarter safety selections day-after-day. Over 70,000 organizations worldwide belief the KnowBe4 HRM+ platform to strengthen their safety tradition and scale back human threat.

ENISA has the story.