Public administration and healthcare sectors each represent 24 percent of targeted engagements, with public administration holding the top target position for three consecutive quarters. The Federal Trade Commission separately reported $2.1 billion in social media scam losses during 2025, with 30 percent originating on social media platforms. MFA weaknesses appeared in 35 percent of Q1 2026 incidents, with attackers bypassing authentication through device registration on compromised accounts and direct Exchange server connections that circumvent standard protocols.
The trend reflects a fundamental shift: AI tools have democratized phishing operations, enabling threat actors without advanced technical skills to execute faster, larger campaigns with higher success rates. Organizations should prioritize user awareness training, robust MFA implementation beyond standard protocols, patch management discipline, and centralized logging. Public administration agencies face particular risk given legacy system dependencies, constrained security budgets, and operational pressures that limit downtime tolerance—conditions that attract both financially motivated and espionage-focused adversaries.