A new year is here, and with it come new resolutions, possibilities, and — regrettably — threats. No, threat actors won’t just change their ways with the flip of the calendar. Instead, they’ll double down on what’s been working and experiment with new ways of evading detection and exploiting vulnerabilities. While we can’t anticipate every malicious tactic, we can identify some of the troubling security trends most likely to continue and expand in 2025. Here are a few of our predictions and advice for how to prepare for them. Phishing kits will get trickier Phishing continues to be an effective method for Identity-based attacks, and we don’t expect that to change just yet. In fact, we’re increasingly seeing scammers using advanced phishing kits — virtual toolboxes of resources designed to make attacks much easier to launch and repeat. In 2025, these kits will evolve to make phishing even harder to.