A businessperson touching a lock icon as part of a cybersecurity technology software graphic.

Cybersecurity threats and data breaches

Written by:
Juan Rodriguez for Comerica
November 24, 2025
ZIDO SUN // Shutterstock

Cybersecurity threats and data breaches

In an ever-evolving landscape of changing technological advances and increasingly sophisticated cybercrime practices, individuals and businesses should remain informed and vigilant regarding the rise of cybersecurity threats and data breaches. Cybercrimes such as phishing, identity theft, business fraud and other methods that criminals use to gain unauthorized access to personal accounts can lead to financial loss as well as reputational damage.

According to a Zscaler annual phishing report, 2023 saw a 60% increase in phishing, while Ransomware reported that 43% of data is unrecoverable after a cyber attack. Identity theft remains a constant threat as well, with AI-powered scams and deepfakes empowering criminals to create convincing simulations of trusted acquaintances in order to unlawfully gain access to sensitive data.

Comerica shares tips on the most common cybersecurity threats and the steps that you can take to protect yourself and your business.

Key takeaways:

  • Cybercrime is growing in sophistication, with deepfakes, email scams, and identity theft on the rise.
  • Data breaches pose an increasing threat to individuals and businesses, risking both financial loss and compromised security.
  • Be extremely vigilant before sharing sensitive data and double check if an email, phone, or video chat correspondence seems unusual.

Common cybersecurity attacks

  • Phishing attacks occur when scammers impersonate a trusted source (for example, a friend, a bank, a vendor) in order to gain access to your account or sensitive data. These attacks will often occur in the form of an email asking you to click a link or provide data to the sender. The scammer will then use this data to gain access to your finances or engage in identity theft using your information. The FTC provides real-life examples of what a phishing email can look like:
  • Deepfakes are a technology that allows scammers to create videos that allow the scammer to resemble someone their victim knows. Like social media filters or an AI-generated video, a deepfake can seem like the real thing. If you receive a video communication from someone who appears to be familiar but is asking for private data that could allow access to your accounts, do not share this information. Instead, end the communication and reach out to the correspondent via another medium so you can ensure that you are not engaging with a deepfake.
  • Ransomware is a type of malware that holds your computer files hostage, preventing you from accessing them. The scammer will then demand payment before allowing you to regain access. Scammers use phishing emails and texts with compromised links against their victims to initiate a ransomware attack. Therefore, to avoid this kind of malware, be wary of clicking links in emails and texts. Additionally, keep your antivirus software up to date to ensure that malware can be swiftly apprehended and eliminated.
  • DDoS (distributed denial-of-service) attacks usually target companies and occur when malicious parties deliberately target a website or server by flooding it with bot traffic in order to disrupt the website’s operability. If you notice unusually high and sustained traffic from a single IP source and your website and servers are sluggish and not operating at capacity, then you may be the victim of this type of attack.

Preventive measures

There are steps that individuals and businesses can take to protect themselves from these cybersecurity threats and data breaches.

  • Protect yourself from ransomware and other forms of malware virus attacks. Be cautious of opening email attachments or clicking links in emails. Scammers will try to pose as businesses, subscription services, as well as friends and relatives to lure you into a false sense of security.
  • Be aware of the prevalence of identity theft, particularly the rise of video and audio deepfakes. When you receive a text, video chat, or phone call that sounds like it’s from a loved one or colleague but has an odd sense of urgency and a demand for sensitive data, do not share your data.
  • Update your software regularly, particularly antivirus tools and operating systems.
  • Use strong two-factor authentication measures, ensuring that your accounts are much harder for bad actors to access.
  • Take precautions to keep your data secure. Don’t use public Wi-Fi when performing sensitive tasks on your devices.

This story was produced by Comerica and reviewed and distributed by Stacker.


Trending Now