Organizations have long had to pay attention to the potential threats that stem from cyberattacks. Recently, it seems that staying ahead of the methods employed by bad actors and cybercriminals is getting harder and harder.
The 2025 Cyber Threat Intelligence Report, released in April 2025, found that the number of attacks has soared globally, with organizations now battling against an average of 1,925 attacks every single week.
Not only is the volume increasing, they’re also more sophisticated and harder to detect.
For example, only last week we saw that the U.S. Treasury Department sanctioned a Philippines-based company that was using “domain generation algorithms (DGAs) to generate numerous unique domain names and also provides cybercriminals with web design templates that impersonate trusted brands.”
In this scam, reported to have caused collective losses of over $200 million, the hackers also used the technology to rapidly change IP addresses and avoid detection. In turn, this highlights the need for equally innovative cybersecurity solutions.
Phishing emails and social engineering
Phishing emails are one of the oldest tricks in the book. For a period, company training and screening tools meant that the majority of malicious emails flagged and users could spot the giveaway signs that an email wasn’t genuine.
However, a new generation of phishing emails have started to emerge that employ clever social engineering techniques combined with tech-based tools that highly convincing.
For example, this June, researchers published details of a new spear-phishing campaign targeting financial executives and CFOs. Here, the hackers use a remote access tool called Netbird to circumvent safeguards.
“It’s well-crafted, targeted, subtle, and designed to slip past technology and people. It is a multi-stage attack where the adversary uses social engineering and defense evasion techniques to create and maintain persistent access to the victim system,” the researchers explained.
Customized phishing attempts and the education sector
A recent report from Fortra highlighted the growing trend of phishing attempts that leverage stolen personal data found on the dark web to produce highly convincing emails.
Fortra expects that cybercriminals will “use this data to personalize attacks even further, utilizing information about individuals, their families, and their co-workers.”
For the education sector, this poses a significant threat. The sector was the most targeted industry for cyberattacks in 2024, with schools subject to 4,484 attacks per week.
The education sector was the most targeted industry for cyberattacks over the past year. Schools faced an average of 4,484 attacks per week. Meanwhile, 63% of K–12 organizations were hit by ransomware last year, and 26% of those attacks started with a phishing email, according to the 2024 Sophos State of Ransomware in Education.
ManagedMethods is a leader in cybersecurity solutions for K-12 school districts on a mission to provide the education sector with effective and affordable cybersecurity tools.
In response to the growing threat represented by phishing emails, the company has launched Advanced Phishing, the first chain-of-thought (CoT) AI phishing detection tool built specifically for K–12 schools.
The new solution brings enterprise-grade phishing detection to K–12 school districts and is designed to simulate human-like problem-solving to detect phishing and spam emails across Gmail and Outlook, giving IT teams a smarter, more effective way to protect students and staff.
“Bad actors use sophisticated, socially engineered emails to impersonate trusted sources like administrators, vendors, and even students and parents in order to steal credentials, deploy ransomware, or trick staff into wiring funds,” explained Charlie Sander, CEO of ManagedMethods.
The AI model learns from real-world attacks targeting schools to improve detection accuracy and reduce false positives. The tool flags risky emails and provides IT teams with recommended response actions and automated remediation to save valuable time and reduce exposure.
In the ongoing fight against bad actors, AI-powered defense solutions like this can help organizations to up their defenses and take active measures against this widespread vulnerability.