The report from Sublime Security analyzes the evolution of email-based threats in 2025, focusing on significant trends that emerged throughout the year. One major issue highlighted is the rise of thread hijacking, where attackers take control of existing email threads to manipulate conversations and deceive recipients. The report also points to an increase in QR code-related scams, which have gained traction as more people utilize mobile devices for transactions and communications. Phishing tactics have also evolved, particularly in Industrial Control Systems (ICS) environments. The report notes a concerning rise in ICS phishing attacks, alongside a spike in "email bombs"—a tactic where attackers flood inboxes with numerous emails to disrupt operations. Security practitioners are warned about the growing trend of attack customization, where threats are tailored to specific targets, making them harder to detect. The report details various evasion techniques that attackers employ to bypass security measures, such as stacking different evasion methods to increase their chances of success. The analysis concludes with recommendations for 2026, aimed at helping organizations strengthen their defenses against these evolving threats. Key suggestions include enhancing awareness of emerging tactics and maintaining robust security protocols. The report emphasizes the need for continuous adaptation in an ever-changing threat landscape.