Arkose Labs has released its latest threat intelligence report, Enterprises Under Attack: Quarterly Threat Actor Patterns – Industry Trends, Analysis and Benchmarks, revealing a sharp escalation in sophisticated digital fraud, particularly in SMS toll fraud and precision-targeted attacks. The Q4 2025 findings highlight a transformative shift in adversary tactics, with malicious actors adopting more focused, high-impact strategies. According to the report, SMS toll fraud surged by 67% in the quarter, emerging as the most prominent threat. This form of fraud involves attackers sending massive volumes of unauthorized text messages to premium-rate numbers, exploiting revenue-sharing models to generate illicit profits. The trend reflects a growing preference among cybercriminals for direct monetization schemes over traditional, low-yield attacks. The report also identifies a significant shift in attack patterns: fewer but much larger campaigns. While overall attack volume remained relatively stable, the average size of individual attacks increased dramatically. In the gig economy sector, for example, the number of attacks dropped by 51%, but malicious traffic rose by 49%, leading to a 300% increase in average attack size. This indicates a strategic pivot toward high-value targets with minimal effort, allowing fraudsters to maximize returns. Fintech was another major target, with fraud attempts in the sector rising by 97%. Gaming platforms also saw a 125% increase in attacks, driven by the growing value of in-game assets and user accounts. These figures underscore a broader trend: attackers are no longer casting wide nets. Instead, they are focusing on specific industries and entry points where the potential for financial gain is highest. Frank Teruel, Chief Operating Officer at Arkose Labs, emphasized the growing sophistication of threat actors. “Our latest data leaves no room for doubt—fraudsters are not just getting smarter, they’re getting bolder,” he said. “Organizations are facing larger-scale, precision-driven attacks, while foundational threats like fake account creation remain relentless. This is bound to get worse with the rise of Agentic AI attacks. Leaders who understand the evolving playbook will be better equipped to disrupt attacker economics and safeguard their customers.” The report is based on real-world data from Arkose Labs’ global network, which protects some of the world’s most recognized consumer brands. Unlike surveys or simulated data, these insights are derived from actual attack behavior across diverse industries, offering a clear and accurate picture of the current threat landscape. By combining device ID, behavioral analysis, phishing protection, email intelligence, API defense, and bot management, Arkose Labs’ platform actively undermines the economic viability of attacks. It introduces dynamic friction that makes it too costly for fraudsters to continue, effectively disrupting their operations. The company’s Security Operations Center (SOC) leverages cross-industry intelligence to monitor legitimate traffic and attack patterns across global enterprises, providing actionable insights to help organizations stay ahead of emerging threats. Arkose Labs continues to play a key role in combating organized fraud networks, including Storm-1152. For more details and to access the full report, visit: www.arkoselabs.com/resource/enterprises-under-attack-quarterly-threat-actor-patterns-released-q4-2025-report/