Report by LevelBlue
LevelBlue Threat Trends Report, 2025, Edition Two
5 FINDINGSPublished Jul 30, 2025
View Original Report →Key Findings
Fake CAPTCHA social engineering attacks, particularly ClickFix campaigns, jumped 1,450% from the second half of 2024 to the first half of 2025.
LevelBlueLevelBlue Threat Trends Report, 2025, Edition Two·Jul 30, 2025
Social engineeringCAPTCHA
The average breakout time for attackers (how quickly they move laterally after initial access) is under 60 minutes, and in some cases, less than 15 minutes.
LevelBlueLevelBlue Threat Trends Report, 2025, Edition Two·Jul 30, 2025
Breakout time
Social engineering attacks accounted for 39% of initial access incidents observed during the first half of 2025.
LevelBlueLevelBlue Threat Trends Report, 2025, Edition Two·Jul 30, 2025
Social engineering
Non-Business Email Compromise (BEC) incidents rose by 214%.
LevelBlueLevelBlue Threat Trends Report, 2025, Edition Two·Jul 30, 2025
BEC
The number of cybersecurity incidents observed between January 1 and May 31 2025 nearly tripled.
LevelBlueLevelBlue Threat Trends Report, 2025, Edition Two·Jul 30, 2025
Cybersecurity incidents