Microsoft Digital Defense Report 2025.html

Data theft accounted for 37% of cyber-attacks, while 33% had an extortion component and 19% involved ransomware or destructive activity.

28% of breaches in 2025 were initiated through phishing or social engineering.

Over 40% of ransomware attacks in 2025 had a hybrid component.

AI-driven phishing is now three times more effective than traditional phishing campaigns.

The use of AI-driven forgeries grew by 195% globally in 2025.

In 2025, Microsoft thwarted $4 billion in fraud attempts and blocked 1.6 million bot-driven or fake account sign-ups every hour.