It's the time of year where everyone is reflecting on what happened in the last 12 months – whether that's checking your Spotify Wrapped, putting together a 'One Second of the Day' video or drafting up your New Year's resolutions.
For us at Tom's Guide, we're using this time to look back on all the top cyber threats of the past year, to help predict which threats will be the ones to watch out for in the future.
Now is the perfect time to get a little more cyber-secure, whether this is by installing one of the best VPNs to keep your data safe online, or making sure you have the latest antivirus installed.
Read on for all our top cyber threat predictions for 2025, as well as a look back on the top threats of 2024.
What were the top cyber threats of 2024?
Data breaches, leaks and theft were a real issue in 2024. For a more in-depth look, check out our list of the top 10 data breaches of 2024.
Ransomware frequently made headlines in 2024, and for good reason. The average cost of a ransomware attack was predicted to be $2.73 million, up by almost $1 million from the average cost of a ransomware attack in 2023. Not only this, but the average ransom payment has increased by 500% in the past year.
Data breaches were a huge issue in 2024 as well, with a whopping 422 million records exposed via data breaches from July to September alone. With the global average cost of data breaches coming in at $4.88 million, the real impact of these data breaches is devastating to think about.
In a similar vein, identity theft rose in 2024, too, with 842,000 cases of identity theft reported in the first three quarters of 2024 in the US. This means the rate of identity theft is set to outpace that of 2023.
What will the top cyber threats of 2025 be?
With the top cyber threats of 2024 uncovered, let's take a look at which cyber threats will be the most prevalent in 2025.
Total account takeover
There were a huge number of data breaches in 2024, and it looks like hackers are going to use all that data for nefarious purposes in 2025.
NordVPN, which we rate as the best VPN service, has been doing research into what the top threats of 2025 will be by analyzing comments on the dark web, and one of the top topics discussed is total account takeover.
NordVPN's research found that the most discussed threats, which included more than 135,000 comments, focus on databases filled with combinations of login credentials like usernames and passwords, as well as other personal information. These databases are referred to as "combo lists". There are nearly 26,000 comments that focus on account takeovers via exploiting this metadata to gain unauthorized access to victim's accounts.
To help combat total account takeover, change your passwords as soon as you find out they've been compromised, use two-factor authentication for all your accounts and make sure you're using strong, unique passwords for every account you have.
Smart home hacking
Beware, anyone who uses smart devices to help run their home – you may be the next target for a cyber attack.
Adrianus Warmenhoven, a cybersecurity expert at NordVPN, explains why: “Hackers are increasingly targeting a broad range of smart home devices, from security systems to everyday appliances like smart refrigerators and vacuums.
"While some devices may act as gateways for broader network attacks, others, like home CCTV systems, can be directly hacked, potentially exposing your private activities.”
You can make your devices less vulnerable to attacks by installing one of the best router VPNs to encrypt your connection to all your devices. This makes it less likely that your smart devices will be intercepted by hackers and used for nefarious purposes.
AI-powered phishing attacks
With AI rising on a seemingly unending wave, it stands to reason that hackers would take advantage of it, too.
AI-driven social engineering attacks have been around since large-scale language learning models hit the scene, but they are set to rise even more in the next year. A social engineering attack sees a hacker or scammer use psychological tactics (e.g. pretending to be an authority figure, like your boss or your bank) in order to try to make you behave in a way you usually wouldn't. Most times, the aim of influencing you is to make you send them money, download malware or give them unauthorized access to your network.
A huge part of social engineering is to convince you to act first, ask questions later. In order to do this, scammers will use a lot of urgent language in their messages, and may even attempt to use their supposed authority in order to make you not question what they are trying to convince you to do. If you feel that a message is trying to convince you into taking actions that could be risky for yourself or your business, it's important to take a step back and think about whether or not the communications you've received are legitimate.
Other important things to check that can help reveal would-be hackers are:
- The email address – the display name might be correct, but does the email match the address you've previously used for this person? Does it use a different email domain than the one you're used to (e.g. a Gmail address rather than a business email address)?
- Links in the email – hover over any links on the email with your cursor. Are they redirecting to somewhere you wouldn't expect them to? Do the links match the domain they're supposed to lead to?
- The text of the email itself – is it urging you to take action? Is it addressed generically (e.g. 'Hello sir/miss') instead of to you personally? Does it ask you to supply personal information to the sender e.g. full name, email address, financial details?
- Any attachments – are there unspecified attachments added to the email? Have you been told you need to download software in order to open a file?
These are all signs that the email you've been sent actually comes from hackers trying to gain access to your data, your money or your company's network.
Phishing using QR codes
One of the cyber threats to look out for in 2025 is QR code phishing, or quishing.
As QR codes have become more integrated into daily life, being used for everything from accessing menus, to logging into accounts, to accessing sales, it comes as no surprise that hackers would also try to take advantage of this.
Creator of the fastest VPN on the market, Surfshark, warns: "As the public is growing aware of fake URLs, scammers are exploiting QR codes to fool users, steal credentials, or install malware."
By hiding the intended phishing link in a QR code, hackers make it more likely for the link to bypass email scanners that might pick up on phishing links themselves. It also may make them initially appear more legitimate.
Before scanning a QR code, consider the source that is sending it to you. Is it a trusted source, or one you have never seen before? Use the ways to spot phishing we have previously mentioned to help determine this.
Disinformation as a service
A new and sneaky threat to be aware of when you're spending time online is the rise of disinformation as a service. This sees malicious actors get paid for spreading false information and bogus facts.
“Reflecting on current trends in the dark web, we anticipate that disinformation as a service will emerge as a significant threat next year,” warns Warmenhoven. “This solution, offered by cybercriminals, profits from creating and spreading false information. This highly customizable and adaptive service enables precise targeting of demographic profiles and manipulation of social media algorithms to maximize impact.”
Try to combat this emerging threat by not believing inflammatory or controversial statements online, especially if they seem to confirm your own biases. Checking with unbiased, independent sources like Snopes is also recommended, as is researching the supposed fact via multiple different sources.
If you find one source saying one thing, but multiple trusted sources saying the opposite, chances are it's fake.
How to keep yourself safe from cyber threats in 2025
With the new year beginning, make it one of your New Year's Resolutions to improve your cyber safety online. I can honestly say that you won't regret it.
If you're unsure of where to start, Surfshark gives the following advice for starting on your cyber safety journey:
- Enable Two-Factor Authentication – keep Multifactor authentication (MFA or 2FA) active on all your sensitive platforms, especially on financial applications.
- Keep software updated – malware always seizes unpatched vulnerabilities to take over the system or steal information.
- Use a reliable antivirus or anti-malware solution – use the best antivirus to ensure the security software on your devices will help protect against scams and malware.
- Use strong, unique passwords – if you reuse them, then just one password leak is enough to break into all your accounts. Grab one of the best password managers that will generate and save all your passwords and keep you secure online.
- Be skeptical of any unsolicited notification – be cautious of suspicious emails, messages, and phone calls; these are the venues for phishing attacks.
- Back-up your data – regularly back up your important data, in case ransomware hits.
- Consider using a VPN – an easy way to add an extra layer of privacy and security during your regular day, is by using a VPN, for either work or personal purposes.
- Decrease your digital footprint – minimize the amount of unnecessary personal data you provide or keep on any platform. Consider specialized data removal services for extra efficiency on this matter. In case of a breach, that data will be instrumental in an attack against yourself.
