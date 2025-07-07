A surge in identity-driven cyber-attacks targeting employee login credentials has been observed by cybersecurity researchers.

According to a new report by eSentire’s Threat Response Unit (TRU), between 2024 and the first quarter of 2025, 19,000 identity-related cyber investigations revealed a 156% increase in such threats compared to 2023.

These incidents now account for 59% of all confirmed threats across eSentire’s customer base of over 2000 organizations.

Phishing-as-a-Service Drives Credential Theft

One of the biggest enablers of this trend is Tycoon 2FA, a phishing-as-a-service (PhaaS) platform that helps cybercriminals steal Microsoft business account credentials and session cookies.

From January to May 2025, Tycoon 2FA emerged as the leading PhaaS tool, surpassing rivals like EvilProxy and Sneaky 2FA.