Cyberattacks have become mainstream businesses in 2025 - AI and ransomware trends are the biggest contributors

Domain spoofing is trivially easy without DMARC enforcement, says Brad Slavin, General Manager of DuoCircle. Anyone can send email that looks like it comes from your domain. DMARC with p=reject is the only way to tell receiving servers to block unauthorized senders completely.

_According to the FBI’s 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report

Cyberattacks have become mainstream businesses in 2025 - AI and ransomware trends are the biggest contributors

					<button title="Play" aria-label="Play Episode" aria-pressed="false" class="play-btn">
						

Play Episode

					</button>
					<button title="Pause" aria-label="Pause Episode" aria-pressed="false" class="pause-btn hide">
						

Pause Episode

					</button>
					


				

				

					<audio preload="none" class="clip clip-30972">
						<source src="https://media.mailhop.org/dmarcreport/images/2025/08/Cyberattacks-have-become-mainstream-businesses-in-2025 - -AI-and-ransomware-trends-are-the-biggest-contributors.mp3">
					</audio>
					

						

					

					

						

							<button class="player-btn player-btn__volume" title="Mute/Unmute">
								

Mute/Unmute Episode

							</button>
							<button data-skip="-10" class="player-btn player-btn__rwd" title="Rewind 10 seconds">
								

Rewind 10 Seconds

							</button>
							<button data-speed="1" class="player-btn player-btn__speed" title="Playback Speed" aria-label="Playback Speed">1x</button>
							<button data-skip="30" class="player-btn player-btn__fwd" title="Fast Forward 30 seconds">
								

Fast Forward 30 seconds

							</button>
						

						

							<time class="ssp-timer">00:00</time>
							

/

							<!-- We need actual duration here from the server -->
							<time class="ssp-duration" datetime="PT0H2M27S">2:27</time>
						

					

				

			

								<nav class="player-panels-nav">
												<button class="subscribe-btn" id="subscribe-btn-30972" title="Subscribe">Subscribe</button>
																		<button class="share-btn" id="share-btn-30972" title="Share">Share</button>
										</nav>
						

	



		

						

				

					

					

				

				

					

																																																																								

					

						

RSS Feed

							<input value="https://dmarcreport.com/feed/podcast/dmarc-report" class="input-rss input-rss-30972" title="RSS Feed URL" readonly />
						

						<button class="copy-rss copy-rss-30972" title="Copy RSS Feed URL" aria-label="Copy RSS Feed URL"></button>
					

				

			

									

				

					

					

				

				

					

						Share						

					

						<a href="https://www.facebook.com/sharer/sharer.php?u=https://dmarcreport.com/blog/podcast/cyberattacks-have-become-mainstream-businesses-in-2025-ai-and-ransomware-trends-are-the-biggest-contributors/&t=Cyberattacks have become mainstream businesses in 2025 -  AI and ransomware trends are the biggest contributors" target="blank" rel="noopener noreferrer" class="share-icon facebook" title="Share on Facebook">
							

						</a>
						<a href="https://twitter.com/intent/tweet?text=https://dmarcreport.com/blog/podcast/cyberattacks-have-become-mainstream-businesses-in-2025-ai-and-ransomware-trends-are-the-biggest-contributors/&url=Cyberattacks have become mainstream businesses in 2025 -  AI and ransomware trends are the biggest contributors" target="blank" rel="noopener noreferrer" class="share-icon twitter" title="Share on Twitter">
							

						</a>
						<a href="https://media.mailhop.org/dmarcreport/images/2025/08/Cyberattacks-have-become-mainstream-businesses-in-2025 - -AI-and-ransomware-trends-are-the-biggest-contributors.mp3" target="blank" rel="noopener noreferrer" class="share-icon download" title="Download" download>
							

						</a>
					

				

				

					

						Link						

					

						<input value="https://dmarcreport.com/blog/podcast/cyberattacks-have-become-mainstream-businesses-in-2025-ai-and-ransomware-trends-are-the-biggest-contributors/" class="input-link input-link-30972" title="Episode URL" readonly />
					

					<button class="copy-link copy-link-30972" title="Copy Episode URL" aria-label="Copy Episode URL" readonly=""></button>
				

				

					

						Embed						

					

						<input type="text" value='<blockquote class="wp-embedded-content" data-secret="T7nom2plsl"><a href="https://dmarcreport.com/blog/podcast/cyberattacks-have-become-mainstream-businesses-in-2025-ai-and-ransomware-trends-are-the-biggest-contributors/">Cyberattacks have become mainstream businesses in 2025 -  AI and ransomware trends are the biggest contributors</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://dmarcreport.com/blog/podcast/cyberattacks-have-become-mainstream-businesses-in-2025-ai-and-ransomware-trends-are-the-biggest-contributors/embed/#?secret=T7nom2plsl" width="500" height="350" title=""Cyberattacks have become mainstream businesses in 2025 -  AI and ransomware trends are the biggest contributors" - DMARC Report" data-secret="T7nom2plsl" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script>

/*! This file is auto-generated / !function(d,l){“use strict”;l.querySelector&&d.addEventListener&&“undefined”!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!/[^a-zA-Z0-9]/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll(‘iframe[data-secret=”‘+t.secret+’”]’),o=l.querySelectorAll(‘blockquote[data-secret=”‘+t.secret+’”]’),c=new RegExp(“^https?:$”,“i”),i=0;i<o.length;i++)o[i].style.display=“none”;for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(“style”),“height”===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):“link”===t.message&&(r=new URL(s.getAttribute(“src”)),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(“message”,d.wp.receiveEmbedMessage,!1),l.addEventListener(“DOMContentLoaded”,function(){for(var e,t,s=l.querySelectorAll(“iframe.wp-embedded-content”),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(“data-secret”))||(t=Math.random().toString(36).substring(2,12),e.src+=”#?secret=“+t,e.setAttribute(“data-secret”,t)),e.contentWindow.postMessage({message:“ready”,secret:t},"")},!1)))}(window,document); //# sourceURL=https://dmarcreport.com/wp-includes/js/wp-embed.min.js ’ title=“Embed Code” class=“input-embed input-embed-30972” readonly/>

					<button class="copy-embed copy-embed-30972" title="Copy Embed Code" aria-label="Copy Embed Code"></button>
				

			

				

It’s 2025, and the global situation of cybercrime has worsened; ransomware and other cyberattacks are running like actual businesses. They are now operating as **service providers **where threat actors create easy tools that they sell at cheaper rates, enabling not-so-tech-savvy cybercriminals to launch malware, phishing, DDoS, MITM, and other attacks.

This business market is growing at such a fast pace that cyberattacks have increased by 47% in 2025 compared to the previous year.

The worst-hit sectors of 2025

The education sector is in the biggest trouble this year, with schools and universities facing around **4,484 attacks every week. This is happening because most of these institutions don’t have strong security, despite storing **sensitive student data and information on critical research.

The government sector is also getting hit hard again and again, disrupting essential services. All this is leading to citizens losing trust. The telecom sector is no better. It saw a 94% increase in attacks compared to last year, and this affects every business that depends on their networks.

It is important to understand that these attacks are not just numbers. They are leading to significant downtime, hefty fines, and higher cyber insurance costs. Moreover, users’ safety is at risk because their data can be stolen, their identity can be misused, or even their communication can be hacked. AI is worsening the situation by empowering hackers to create new ransomware, polished phishing messages, and **professional-looking graphics to deceive people on a large scale and find new security holes faster than companies can fix them.

One key defense against such email-based attacks is implementing DMARC, DKIM, and SPF. These essential email authentication protocols work together to prevent spoofing, phishing, and unauthorized use of a domain.

Ransomware is on the rise this year

Ransomware attacks are no longer random; they are being highly targeted towards key industries. Malicious actors are finding weaknesses and unprotected endpoints in supply chains, remote work systems, and outdated software to break into important networks.

So, instead of sending phishing emails to the masses, they are now targeting specific industries like healthcare, education, and telecom.

Ransomware-as-a-service has made it easier for more people to launch these attacks. In the first three months of 2025, there were **2,289 **ransomware attacks, which is 126 percent more than the same time in 2024. Major supermarkets in the UK, including Sainsbury’s, Morrisons, M&S, and Co-op, have been hit by significant attacks, as well as the Legal Aid Agency and the pathology company Synnovis, causing problems for NHS operations. Global monitoring of hundreds of thousands of networks and millions of devices shows that these attacks are becoming more frequent and more serious.

AI is making cyberattacks easier and more dangerous

The rise of **artificial intelligence is making it easier for cybercriminals to launch attacks. Beginners no longer need to create their own tools. They can buy or rent access to hacked systems through apps like Telegram or on dark web forums. This has allowed attacks that many small and medium businesses cannot defend against. Some AI chatbots, including ChatGPT, Gemini, and Claude, can be tricked to produce harmful content. Jailbroken versions like WormGPT and GhostGPT are also available on underground forums, often for free or very cheaply.

Organized crime groups in Europe are already using AI for fraud, stealing data, and money laundering. They also use AI for more obvious threats like automated ransomware, malware, and deepfakes that pretend to be senior executives. While many companies are excited to use AI to work faster, it can also create new risks. A study in the **UK found that 56 percent of businesses that were attacked last year were affected through third-party suppliers, including AI providers. Some hackers exploit AI coding tools like GitHub Copilot or ChatGPT, which can sometimes suggest fake software packages that trick developers into downloading dangerous code.

Businesses today are very connected, and even the best **internal security can fail if their suppliers or partners have weak spots. It is becoming essential for companies to check and protect not just their own systems but their entire network of third-party partners and IT infrastructure.