Mimecast, a global leader in cybersecurity and human risk management, has released its 2025 Global Threat Intelligence Report, revealing how cybercriminals are intensifying their focus on exploiting human vulnerabilities through AI-powered and multi-channel attacks. The report highlights that Southeast Asia has increasingly become a strategic launchpad for global cyberattacks, as threat actors weaponize compromised systems in the region’s fast-growing technology hubs to conceal their operations and amplify their global reach.
According to Mimecast’s threat telemetry, attackers are taking advantage of Southeast Asia’s rapid digitalization and expanding network of small and medium-sized enterprises, many of which operate on legacy systems and lack robust cybersecurity measures. These compromised networks are often used as proxy infrastructures to mask the origin of malicious campaigns, making attribution and containment far more difficult for security analysts. “Asia-Pacific’s rapid digitalisation and interconnected supply chains make the region a focal point for today’s cyber threats,” said David Sajoto, Vice President and General Manager for Asia-Pacific and Japan at Mimecast. “Threat actors are not only targeting local organizations — they are exploiting Southeast Asian infrastructure to launch attacks globally.”
The report also underscores a major evolution in attacker behavior, with cybercriminals leveraging generative AI to enhance phishing and social engineering schemes. Phishing now accounts for 77% of all detected attacks, up from 60% in 2024, as AI enables the creation of hyper-realistic lures — from fake emails and chat messages to cloned voices and synthetic audio clips. Mimecast Chief Product & Technology Officer Ranjan Singh noted that financial institutions, government agencies, and city administrations have all become prime targets for AI-driven ransomware and phishing attacks, as threat groups increasingly exploit trusted business services to infiltrate networks.
Among the most concerning trends identified is the surge in ClickFix schemes, which lure victims into executing malicious commands on their own devices under the guise of system fixes or verification prompts. These attacks grew more than 500% in the first half of 2025. Attackers are also “living off trusted services” (LOTS), abusing legitimate business platforms such as DocuSign, Adobe Pay, Salesforce, and DocSend to distribute malicious content while evading detection. Mimecast analysts found that even CAPTCHA services are being manipulated to slow down investigation efforts, with thousands of unique malicious CAPTCHA-protected URLs detected monthly.
Mimecast’s research further points to the rise of multichannel attacks that combine emails, voice calls, and social media to bypass traditional security layers. AI-generated voices and deepfake technology have made these scams — such as executive impersonation and IT support fraud — increasingly convincing and difficult to defend against.
Industry-wise, professional services, IT, telecommunications, real estate, and legal sectors are among the most targeted due to their access to sensitive financial and client data. Real estate professionals, in particular, have seen a significant rise in phishing and impersonation attempts. Mimecast also uncovered large-scale credential-harvesting campaigns against hospitality workers, exploiting trusted hotel management systems like Expedia and Cloudbeds.
As attackers continue to evolve their tactics, Mimecast emphasizes the urgent need for organizations to strengthen cyber resilience through employee education, AI-powered defenses, and proactive threat detection strategies. The report concludes that with the human layer now the most exploited entry point, cybersecurity must go beyond technology — it must foster awareness, preparedness, and adaptive defense across every level of an organization.
For a deeper dive into Mimecast’s findings and expert recommendations, the full Global Threat Intelligence Report: January – September 2025 is available for download on Mimecast’s official website.