Security Point Break: Cybersecurity News and Analysis with Clarity and Candor

Crooks Now Turn to Legit Biz Platforms as Phishing Lure Fodder

Cybercriminals are increasingly embedding scams within legitimate platforms like QuickBooks and Zoom.

Attackers are increasingly skipping fake websites and hijacked domains in favor of legitimate business tools.

A new report from KnowBe4 shows cybercriminals are embedding scams inside platforms such as QuickBooks, Zoom, and SharePoint—making phishing harder to detect and nearly impossible to block without disrupting real work.

KnowBe4’s Phishing Threat Trends Report, Volume Six found a 67% year-over-year jump in the abuse of trusted business platforms and a 449% rise in vishing, or voice phishing, attacks (KnowBe4, Oct. 2025). The findings reinforce a pattern many security teams have already observed: phishing is evolving from crude impersonation toward what analysts call “living-off-the-land” tactics—where attackers weaponize legitimate services instead of building their own infrastructure.

Security experts caution that this isn’t a brand-new tactic but one growing in scale and automation. Platforms like Microsoft 365, Google Drive, and PayPal have been abused for years, but the combination of easier social-engineering kits and global credential reuse has made the technique more effective. Many phishing campaigns now rely on compromised accounts or embedded collaboration links that appear fully legitimate until the victim is deep inside the workflow.

The attacker’s biggest asset is familiarity, KnowBe4 warns. When an employee trusts a platform, no secure email gateway is going to save you, it added.

Industry data from firms such as Cofense and Proofpoint echo the same trend: defenders are seeing fewer spoofed domains and more misuse of real brands. That nuance matters because it reframes phishing as less of a perimeter issue and more of a behavioral one. While KnowBe4’s report ties the rise to end-user risk awareness, other researchers point to insufficient content scanning and inconsistent API controls on the platforms themselves.

In short, the problem isn’t new—but it’s accelerating. Attackers are exploiting the trust we’ve built into the tools we depend on, and defending against that will take more than awareness training.
