Barracuda Networks: Email Threats Report 2025

Email remains the most common attack vector for cyber threats because it provides an easy entry point into corporate networks.

Barracuda Networks, a leading cybersecurity company providing complete protection against complex threats for all sized businesses, released the 2025 Email Threats Report, which details the current state of email-based risks facing organizations worldwide, based on Barracuda’s threat detection data. The findings highlight how attackers continue to shift malicious links and content to attachments in the hope of evading detection by security tools. Advanced AI-based threat detection is critical for detecting such hidden threats.

As many as 20% of organizations experienced at least one attempted or successful account takeover (ATO) incident per month, with attackers typically trying to gain access through phishing, credential stuffing or by exploiting weak or reused passwords. Once inside an account, attackers can steal sensitive data, move laterally inside the organization, and send phishing emails that appear to be from a trusted source.

The evolving email threat landscape:

• Phishing and account takeover: Approximately 20% of organizations experience at least one attempted or successful account takeover (ATO) incident each month. Attackers often gain access through phishing schemes, credential stuffing or exploiting weak passwords. Once they infiltrate an account, they can steal sensitive information and launch further attacks from within.
• Malicious QR codes: As many as 68% of malicious PDF attachments and 83% of malicious Microsoft documents contain QR codes that direct users to phishing websites. This tactic exploits users’ trust in familiar document formats.
• Bitcoin sextortion scams: These scams account for 12% of malicious PDF attachments. This trend highlights the need for vigilance against emerging threats that leverage fear and urgency.
• DMARC configuration gaps: Alarmingly, 47% of email domains lack Domain-based Message Authentication, Reporting and Conformance (DMARC) configuration, which is essential for protecting against spoofing and impersonation attacks. This gap leaves many organizations vulnerable to attacks that can damage their reputation and trustworthiness.
• Malicious spam proliferation: The report also notes that 24% of email messages are now classified as unwanted or malicious spam, further complicating the email security landscape.

Malicious email attachments, QR codes and URLs are used by attackers to distribute malware, launch phishing campaigns and exploit vulnerabilities. Many organizations increase their risk level by failing to implement DMARC, making it possible for attackers to impersonate their brand and implement fraudulent attacks. Organizations need to mitigate the risks by implementing best practice industry standards and adopting a multi-layered approach to email security, leveraging AI-driven threat detection to spot attacks hidden in attachments and malicious websites

As cyberthreats continue to evolve, organizations must stay informed about the latest risks and adopt robust security measures.

Barracuda platform protects email, data, applications, and networks with innovative solutions, and a managed XDR service, to strengthen cyber resilience.

Receive a more information and personal consultation on Barracuda Networks solutions from certified Softprom specialists.

Softprom — Value Added Distributor of Barracuda Networks.