CybersecurityJun 10, 2026, 08:06 AM
Zscaler Report: Phishing Volume -20%, 95.2% Encrypted, AI Attacks Surge
AI Summary
Zscaler, Inc. announced the release of its ThreatLabz 2026 Phishing and Initial Access Report, revealing a fundamental shift in cybercrime economics. While overall phishing volume dropped 20% year-over-year for the second consecutive year, the sophistication and effectiveness of attacks have surged. Adversaries are increasingly using AI-powered "text-to-site" tools and real-time session hijacking kits, with 95.2% of phishing attempts now hidden in encrypted traffic. The report highlights a 65.5% surge in targeted attacks against the Services sector and 89.9 million hostile interactions recorded by deception telemetry, underscoring the need for Zero Trust architecture.
Key Highlights
- Phishing volume decreased 20% year-over-year for the second consecutive year.
- 95.2% of phishing attempts are now hidden in encrypted traffic, bypassing legacy security.
- Targeted attacks against the Services sector surged 65.5% year-over-year.
- ThreatLabz identified over 413,000 AI-generated phishing instances.
- Deception telemetry recorded 89.9 million hostile interactions from 1.37 million unique attacker IPs.
- Government sector attacks increased by 50% as adversaries pursue high-value intelligence.
- Brazil saw a 2,522% surge in phishing hosting, becoming a top-five global origin.
Price Impact
More from ZS