Report by Arkose Labs
Enterprises Under Attack: Quarterly Threat Actor Patterns | Released Q4 2025
6 FINDINGSPublished Dec 17, 2025
View Original Report →Key Findings
In Q3 2025, fake account creation accounted for 46% of all fraudulent activity.
Arkose LabsEnterprises Under Attack: Quarterly Threat Actor Patterns | Released Q4 2025 ·Dec 17, 2025
Fake Account CreationFraud
In Q3 2025, SMS toll fraud attacks targeting the gaming sector increased by 125%.
Arkose LabsEnterprises Under Attack: Quarterly Threat Actor Patterns | Released Q4 2025 ·Dec 17, 2025
GamingSMS Toll FraudFraud
In Q3 2025, SMS toll fraud targeting the fintech sector grew by 97%, alongside a major spike in human fraud farm activity.
Arkose LabsEnterprises Under Attack: Quarterly Threat Actor Patterns | Released Q4 2025 ·Dec 17, 2025
FintechSMS Toll FraudFraud
SMS toll fraud now comprises 78% of all attacks on the gig economy, up from 48% a year prior.
Arkose LabsEnterprises Under Attack: Quarterly Threat Actor Patterns | Released Q4 2025 ·Dec 17, 2025
Gig EconomySMS Toll FraudFraud
In Q3 2025, SMS toll fraud malicious traffic surged by 67% over Q2 2025, making it the fastest-growing attack type of the quarter.
Arkose LabsEnterprises Under Attack: Quarterly Threat Actor Patterns | Released Q4 2025 ·Dec 17, 2025
SMS Toll FraudFraud
In Q3 2025, the gig economy experienced 51% fewer attacks but 49% more malicious traffic, resulting in a 300% increase in average attack size.
Arkose LabsEnterprises Under Attack: Quarterly Threat Actor Patterns | Released Q4 2025 ·Dec 17, 2025
Gig EconomyFraud