Researchers at SpyCloud warn that the number of stolen identity records on criminal forums rose to 65.7 billion in 2025, a 23% increase from the previous year.
“Phishing, malware, third-party breaches, and combo lists feed vast volumes of identity data into the industrialized criminal ecosystem,” the researchers write.
“The risk extends beyond compromise – it fuels costly attacks at scale. With so much exposed data in circulation, attackers can continuously piece assets together and use them to gain initial access across applications and systems to power follow-on attacks.”
Phishing is still the most common technique used to gain access or steal credentials, with many of these attacks succeeding against enterprise targets.
“Phishing remains the top-cited risk by security teams – and it’s also the most-abused entry point for ransomware attacks,” SpyCloud says.
“The most recent data supports the evidence that phishing is being used to target enterprises – probably with a higher success rate than you’d think. It’s handing cybercriminals the keys to the kingdom, for enterprises and consumers alike. Nearly half of all phished identities are corporate, and some kits have an even higher proportion of corporate victims, underscoring that enterprise controls are not stopping this threat.”
These threats are driven by phishing-as-a-service (PhaaS) platforms that allow unskilled threat actors to launch sophisticated, targeted attacks.
“By commercializing the phishing process – complete with fake website designs, MFA-bypass capabilities, and even victim-vetting mechanisms with pre-built email templates – these platforms have democratized access to advanced attack tactics, flooding the threat landscape with a wave of new, low-skilled actors capable of executing enterprise-grade attacks. Layered on top of AI-driven personalization and infostealer malware that feeds criminals richer targeting data, PhaaS has made phishing the dominant initial access vector for ransomware and account takeover. It’s the starting point for more damage.”
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.
SpyCloud has the story.
Here's how it works:
