BOSTON, MA – Premier threat intelligence firm Veritas CyberAnalytics has released its Q3 2025 Financial Sector Threat Report, revealing a startling 200% year-over-year increase in sophisticated phishing and business email compromise (BEC) attacks targeting financial institutions.
The report, which analyzes data from millions of endpoints and network sensors worldwide, indicates a significant evolution in attacker tactics. Threat actors are increasingly leveraging generative AI to craft highly personalized and contextually aware spear-phishing emails, making them nearly indistinguishable from legitimate communications. These campaigns are often paired with "MFA fatigue" attacks, where attackers bombard employees with multi-factor authentication push notifications until one is accepted by mistake.
"Threat actors are no longer just casting a wide net; they are using sophisticated social engineering and AI to bypass defenses that companies have relied on for years," said Dr. Samuel Reid, lead analyst at Veritas CyberAnalytics. "This requires a new paradigm of defense, one focused on a zero-trust architecture for email verification and, crucially, continuous and adaptive employee training. The human element remains the most critical line of defense."
Key recommendations from the report include the immediate adoption of advanced email security gateways with AI-powered detection, the implementation of phishing-resistant authentication methods like FIDO2/passkeys, and the deployment of continuous security awareness programs that simulate real-world attack scenarios. The full report is available for download on the Veritas CyberAnalytics website.