The world’s collective dependence on email has becoming its biggest weakness.
During the first quarter alone, Microsoft Threat Intelligence uncovered 8.3 billion email-based phishing threats. Although the numbers dipped slightly month by month—from 2.9 billion in January to 2.6 billion in March—the sophistication of attacks rose sharply.
According to the Microsoft Threat Intelligence report the new frontier was QR code phishing, a tactic that lured users into scanning codes leading to credential-stealing websites.
In just three months, this method more than doubled in frequency. At the same time, CAPTCHA-gated phishing—in which attackers used verification screens to appear legitimate—evolved to evade common security filters.
More than three-quarters of email threats carried malicious links, while a smaller fraction delivered files directly. In January this year, 19% of attacks used infected attachments such as HTML or ZIP files, but by March, that number had dropped to 13%. Cyberthreat actors increasingly relied on hosted phishing sites rather than embedded malware. Instead of planting harmful code inside emails, they built external infrastructures designed to use passwords and financial details on a massive scale.
At the centre of most of these schemes was credential phishing—the theft of identity and access. Once attackers secure a single set of credentials, they can infiltrate corporate systems, reroute payments, or steal private communications.
Security analysts have been warning of this trend for years. Annual Federal Information Security Management Act (FISMA) reports have stated that email and phishing rank among the top three threat vectors across U.S. federal networks, second only to vague categories like “improper usage.”
Behind these attacks were transnational criminal organizations who used a combination of phishing, impersonation, financial fraud, and malware deployment. Email gave them easy reach—cheap, scalable, and nearly anonymous. Every inbox became a potential entry point into a personal life, a business network, or a government infrastructure.
Securing the Inbox: Staqo’s Proactive Defense Against Evolving Email Threats
Staqo delivers end-to-end email security through continuous monitoring, threat intelligence, and rapid incident response via its SOC.
With vulnerability assessments, penetration testing, and compliance audits, it identifies risks early, while training programs and advisory services strengthen user awareness—helping enterprises prevent phishing, credential theft, and evolving inbox-based cyber threats.