The Most Common Cyberthreats for Businesses

As AI-related capabilities and vulnerabilities are accelerating at an unprecedented pace, cyber-enabled fraud continues to proliferate worldwide, with several major cybercrime cases having made the headlines recently. According to the Global Cybersecurity Outlook 2026 published by the World Economic Forum in January, phishing or vishing/smishing, which involves tricking users with an email or a voice/text message appearing to come from a trusted third party, remains by far the most common type of cyberattack to affect professionals and businesses.

62 percent of cybersecurity leaders surveyed all around the world between August and October 2025 indicated that their own company or professional/personal network had been affected by this type of threat over the last twelve months. Overall, 73 percent of respondents reported having been affected by cyber-enabled fraud, making phishing extremely prevalent. The two other most frequent cyberthreats for businesses are invoice/payment fraud (37 percent) and identity theft (32 percent). The growing integration of AI in these methods is significantly increasing their sophistication and effectiveness, while generative AI is causing the volume of attacks to skyrocket.