SpyCloud Report Finds Higher Phishing Volume and Token Exposure Challenges

SpyCloud released its 2026 Phishing Pulse Report, which focused on survey results and analysis of active phishing campaigns and phishing-as-a-service infrastructure. The report matters to enterprise security teams because it outlines reported changes in phishing volume and the difficulties organizations face after a successful attack.

In a survey of security professionals at organizations with more than 1,000 employees, SpyCloud found that 78% reported an increase in phishing volume over the past 12 months. It also found that 84% said AI-generated phishing attacks are becoming more prevalent or harder to defend against. Separately, SpyCloud reported that employee data was exposed at 86% of Fortune 100 companies over the last 12 months.

SpyCloud’s analysis combined survey findings with observations of active phishing campaigns and phishing-as-a-service infrastructure. The report included that only 38% of organizations were very confident they could detect and respond to credential theft within 24 hours, and 58% struggled to identify which credentials or session tokens were exposed after a phishing incident. It also reported that only 30% had fully integrated phishing detection with identity response workflows.

SpyCloud researchers observed that approximately half of recaptured phishing-as-a-service platform-sourced records were tied to enterprise identities, versus 11% of malware-sourced records. The report also listed respondents’ concerns beyond AI-generated phishing, including business email compromise at 58% and vendor impersonation at 52%. “Phishing has become both more sophisticated and more scalable,” said Trevor Hilligoss, Chief Intelligence Officer at SpyCloud. “AI-generated lures, PhaaS platforms, and adversary-in-the-middle (AiTM) techniques are helping attackers capture not only usernames and passwords, but session cookies, refresh tokens, granting them authenticated access that can persist long after a password reset.”

Provided by Globe Newswire on behalf of SpyCloud. Click to read original content.

Netskope Plans Integration With Amazon Bedrock AgentCore

Total Economic Impact Study Shows Island Delivered 344% ROI to Enterprises Over Three Years

Netskope Catalyst MSP/SP Program details tiered MSP support