Email has always been the primary entry point for cyberattacks. What has changed in 2026 is the sophistication of what comes through that door. Attackers are no longer relying solely on malicious links and fake login pages. They are abusing legitimate authentication protocols, moving laterally through trusted internal accounts, automating personalized fraud at scale, and shifting attack traffic to devices that security tools cannot see. Each of these five threats exploits something organizations assume is safe.
Understanding the shift
The defining pattern across all five threats is the same: attackers have moved away from breaking into systems toward operating within them. Once a valid session token, an OAuth grant, or a compromised internal account is obtained, the attacker's activity is largely indistinguishable from legitimate user behavior. Standard defenses that look for malicious links, known-bad domains, and obvious spoofing fail against attacks that use real infrastructure, real accounts, and real authentication flows.
According to the IBM X-Force Threat Intelligence Index 2025, valid compromised credentials were the initial access vector in 30% of all intrusions in 2024. The Verizon 2025 DBIR found stolen credentials present in 22% of confirmed breaches, with 88% of web application attacks relying on them specifically. The threat surface is no longer primarily technical. It is identity-based, and email remains the pipeline through which most of that identity compromise begins.
Read more: Email cyber threats 101: Types and tactics
1. OAuth consent phishing
OAuth consent phishing asks the victim to authorize a malicious third-party application rather than surrender a password. When a user clicks a link in a phishing email and is presented with a consent prompt requesting access to read emails, send messages, or access calendar data, approving it grants the attacker persistent token-based access to the account. MFA does not prevent it, because no password is ever stolen. The OAuth protocol has functioned exactly as designed.
Microsoft's analysis of OAuth application misuse documented campaigns where a single threat actor used compromised accounts to create approximately 17,000 multitenant OAuth applications across different tenants, then used Microsoft Graph API access to read email and send further phishing messages from within the compromised organization. The approach scales because the applications, once authorized, persist across password resets.
For healthcare organizations, OAuth abuse is a direct path to protected health information (PHI). An authorized application with email read permissions can silently access years of patient communications, billing records, and clinical correspondence without any unusual login event appearing in authentication logs. According to Paubox's 2026 Healthcare Email Security Report, 53% of email-related healthcare breaches in 2025 involved Microsoft 365 environments, and the consistent targeting of cloud email platforms makes OAuth abuse a growing vector for healthcare-specific data exposure.
Defending against OAuth consent phishing requires restricting which applications users can authorize independently. Organizations should configure consent policies to allow user consent only to applications with verified publishers and low-risk permission scopes, and enforce admin approval requirements for any application requesting access to email or calendar data.
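One way to turn that consent policy into an auditable check, as an added example that is not Paubox's or Microsoft's code: it evaluates a constructed export of third-party application grants against the rule the paragraph describes (user self-consent only for verified publishers with low-risk scopes; anything touching mail or calendar data needs admin approval). The scope names follow Microsoft Graph delegated permission naming, the export shape and the `HIGH_RISK_SCOPES` list are assumptions to adapt to your tenant, and the sample grants are invented.

```python
"""Audit existing OAuth consent grants against an admin-approval policy.

Added example (not the page's or any vendor's code). Input is a constructed
list of grants shaped like a simplified tenant export; adapt field names and
the high-risk scope list to your own identity provider.
"""
from __future__ import annotations
from dataclasses import dataclass

# Scopes that give an app standing access to mailbox, calendar or file content.
# Assumption: names follow Microsoft Graph delegated permission naming.
HIGH_RISK_SCOPES = {
    "Mail.Read", "Mail.ReadWrite", "Mail.Send",
    "Calendars.Read", "Calendars.ReadWrite",
    "MailboxSettings.ReadWrite", "Files.Read.All",
}


@dataclass
class ConsentGrant:
    app_id: str
    display_name: str
    publisher_verified: bool
    consent_type: str        # "user" (self-consent) or "admin"
    scopes: set[str]
    granted_by: str


def risky_scopes(grant: ConsentGrant) -> set[str]:
    """Subset of the grant's scopes that expose mail, calendar or file data."""
    return grant.scopes & HIGH_RISK_SCOPES


def evaluate_grant(grant: ConsentGrant) -> str:
    """Classify one grant under the policy described in the text.

    revoke  : a user self-consented to a high-risk scope or to an unverified
              publisher; under the policy this should have needed admin approval.
    review  : admin-approved but high-risk; keep it on the periodic review list,
              because the grant survives password resets.
    allowed : verified publisher with low-risk scopes, or admin-approved low risk.
    """
    risky = risky_scopes(grant)
    if grant.consent_type == "user":
        if risky or not grant.publisher_verified:
            return "revoke"
        return "allowed"
    return "review" if risky else "allowed"


def audit(grants: list[ConsentGrant]) -> dict[str, list[str]]:
    """Group app names by verdict so the output can drive a revocation run."""
    out: dict[str, list[str]] = {"revoke": [], "review": [], "allowed": []}
    for grant in grants:
        out[evaluate_grant(grant)].append(grant.display_name)
    return out


# Constructed sample export: invented apps, IDs and users, not real tenant data.
SAMPLE_GRANTS = [
    ConsentGrant("app-001", "Team Calendar Sync", True, "user",
                 {"User.Read", "Calendars.Read", "offline_access"}, "j.doe"),
    ConsentGrant("app-002", "Document Reviewer", False, "user",
                 {"User.Read", "Mail.Read", "Mail.Send"}, "a.nurse"),
    ConsentGrant("app-003", "Profile Badge", True, "user",
                 {"User.Read", "openid", "profile"}, "b.admin"),
    ConsentGrant("app-004", "EHR Connector", True, "admin",
                 {"Mail.Read", "Files.Read.All"}, "it.admin"),
    ConsentGrant("app-005", "Signature Tool", False, "user",
                 {"User.Read"}, "c.billing"),
    ConsentGrant("app-006", "HR Portal SSO", False, "admin",
                 {"User.Read", "openid"}, "it.admin"),
]

if __name__ == "__main__":
    for verdict, apps in audit(SAMPLE_GRANTS).items():
        print(f"{verdict:8} {', '.join(apps) or '-'}")
```

The "review" bucket is the one most audits forget: an admin-approved mail-reading app is policy-compliant, but it is still a token that outlives every credential reset, so it belongs on a recurring review list rather than being approved once and forgotten.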
2. Lateral phishing from compromised internal accounts
Once an attacker controls a valid email account, outbound phishing from that account bypasses most inbound defenses entirely. Messages sent from a legitimate internal address carry the full reputation of the compromised sender. Recipients who would scrutinize an external message often act without question when the same request appears to come from a known colleague.
Bleeping Computer's report from 2025 documented how the Russia-aligned group Storm-2372 used compromised internal accounts to distribute device code phishing payloads to colleagues within the same organization, continuing lateral movement through waves of internal messages. Microsoft's analysis of defending against evolving identity attack techniques noted that actors use compromised accounts to send internal emails with subjects like "Document to review," continuing post-compromise activity through trusted channels.
Healthcare organizations are particularly exposed here because clinical staff regularly exchange documents, referrals, and patient information by email as a matter of workflow. A message from a colleague asking for access to a shared file or requesting review of a patient document fits naturally into the daily pattern of clinical communication. According to Paubox's Top 3 Healthcare Email Attacks in 2025 report, 28% of email-related healthcare breaches in 2025 involved a vendor or business associate, and lateral phishing is one mechanism through which compromise in one organization propagates to its partners.
Pre-delivery filtering that analyzes behavioral signals, sudden changes in message volume, tone anomalies, and unusual attachment patterns from known senders provides protection that reputation-based filtering cannot. Paubox Inbound Email Security uses AI to analyze sender behavior and message intent, detecting anomalies in communications that appear to originate from trusted internal or partner accounts.
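The behavioral signals listed above (volume changes, unusual attachment patterns, tone shifts from a known sender) can be scored against a per-sender baseline. The following is an added example, not Paubox's product logic: it builds a baseline from a constructed history of one internal sender's outbound mail and then scores a burst of messages that looks like the "Document to review" pattern the text describes. The urgency word list and the thresholds are assumptions.

```python
"""Score outbound mail from a known internal sender against that sender's baseline.

Added example (not the page's or Paubox's code). History, baseline thresholds
and the urgency lexicon are constructed assumptions for illustration.
"""
from __future__ import annotations
from dataclasses import dataclass
from datetime import datetime, timedelta
import statistics

# Crude tone proxy: phrases rarely seen in this sender's normal subjects.
URGENCY_WORDS = ("urgent", "immediately", "asap", "action required", "verify your")


@dataclass
class Message:
    sender: str
    sent_at: datetime
    recipients: int
    attachments: tuple[str, ...]   # file extensions, e.g. (".pdf",)
    subject: str


@dataclass
class SenderBaseline:
    msgs_per_day: float
    mean_recipients: float
    attachment_types: set[str]
    urgency_rate: float            # fraction of history with an urgency cue


def has_urgency(subject: str) -> bool:
    s = subject.lower()
    return any(w in s for w in URGENCY_WORDS)


def build_baseline(history: list[Message]) -> SenderBaseline:
    """Summarise what 'normal' looks like for one sender."""
    days = {m.sent_at.date() for m in history}
    return SenderBaseline(
        msgs_per_day=len(history) / max(len(days), 1),
        mean_recipients=statistics.fmean(m.recipients for m in history),
        attachment_types={ext for m in history for ext in m.attachments},
        urgency_rate=sum(has_urgency(m.subject) for m in history) / len(history),
    )


def score_batch(batch: list[Message], baseline: SenderBaseline) -> list[tuple[int, list[str]]]:
    """Score messages in send order; each result is (number of signals, reasons)."""
    results = []
    expected_hourly = max(baseline.msgs_per_day / 8, 1.0)   # assume an 8-hour day
    for i, msg in enumerate(batch):
        window = [m for m in batch[: i + 1] if m.sent_at >= msg.sent_at - timedelta(hours=1)]
        reasons = []
        if len(window) > 3 * expected_hourly:
            reasons.append(f"volume spike: {len(window)} msgs in 1h vs ~{expected_hourly:.1f} expected")
        if msg.recipients > 3 * max(baseline.mean_recipients, 1.0):
            reasons.append(f"recipient fan-out: {msg.recipients} vs mean {baseline.mean_recipients:.1f}")
        unseen = set(msg.attachments) - baseline.attachment_types
        if unseen:
            reasons.append(f"attachment types never seen from sender: {sorted(unseen)}")
        if has_urgency(msg.subject) and baseline.urgency_rate < 0.1:
            reasons.append("urgency cue in subject is atypical for this sender")
        results.append((len(reasons), reasons))
    return results


# Constructed history: two working weeks, four referrals a day, one recipient each.
SENDER = "dr.smith@clinic.example"
_base = datetime(2025, 11, 3, 9, 0)            # a Monday
HISTORY = [
    Message(SENDER, _base + timedelta(days=d + (2 if d >= 5 else 0), hours=2 * i),
            1, (".pdf",) if i % 2 == 0 else (), f"Referral for chart {d}-{i}")
    for d in range(10) for i in range(4)
]
BASELINE = build_baseline(HISTORY)

# Constructed burst: seven messages in twenty minutes, twelve recipients each,
# an HTML attachment and an urgent subject, as a compromised account might send.
BURST = [
    Message(SENDER, datetime(2025, 11, 17, 10, 0) + timedelta(minutes=3 * k),
            12, (".html",), "Document to review - action required")
    for k in range(7)
]
BENIGN = Message(SENDER, datetime(2025, 11, 17, 9, 30), 1, (".pdf",), "Referral for chart 11-0")

if __name__ == "__main__":
    for n, (count, reasons) in enumerate(score_batch(BURST, BASELINE)):
        print(f"burst msg {n}: {count} signal(s) {reasons}")
```

The first message of the burst already trips three signals (fan-out, unseen attachment type, atypical tone) before the volume signal can fire, which is the point of combining independent behavioral features: reputation alone sees a trusted sender and nothing else.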
3. AI-generated payroll fraud and BEC
Business email compromise (BEC) has been one of the costliest categories of cybercrime for years. According to the FBI's 2024 IC3 report, BEC accounted for $2.77 billion in losses in 2024 alone, contributing to over $55 billion in cumulative reported losses over the preceding decade. Payroll diversion fraud, in which attackers impersonate employees or executives to redirect salary payments to attacker-controlled bank accounts, is a particular variant that has grown markedly alongside AI tooling.
Generative AI has removed the skill barrier that previously made convincing payroll fraud difficult to execute at scale. Attackers can now identify the appropriate HR or payroll contact, determine which employee to impersonate, and generate a message that accurately mirrors that person's tone, communication style, and typical request framing without any manual research effort per target. Researchers tracked a 15% increase in BEC emails in 2025 compared to 2024, with payroll diversion remaining one of the most persistent variants.
What makes AI-generated BEC particularly difficult to stop is that the most convincing versions contain no links, no attachments, no suspicious domains, and no formatting anomalies. They arrive from plausible addresses, reference real internal processes, and request actions that are entirely routine for the staff being targeted. A payroll administrator receiving an email from what appears to be a senior executive explaining a recent bank change and asking for updated direct deposit information has no technical signal to scrutinize.
For healthcare, BEC carries specific compliance implications. An employee deceived into redirecting a payment, disclosing billing information, or responding to a fraudulent request from an apparent vendor may inadvertently expose PHI or facilitate financial fraud against a covered entity. According to Paubox's 2025 Healthcare Email Security Report, only 5% of known phishing attacks are reported by employees, which means the proportion of successful BEC attempts that go undetected in healthcare is likely far higher than breach reports suggest.
4. Multi-stage QR code phishing
QR code phishing shifts the attack chain from corporate email security infrastructure to personal mobile devices, exploiting a structural gap in most organizations' email defenses. Legacy email gateways were built to parse text and scan URLs. A QR code is an image containing an encoded URL, invisible to text-based filters.
QR code phishing attacks increased an estimated 400% between 2023 and 2025, according to research cited across multiple security sources. EC-Council University says QR codes were present in approximately 12% of all phishing attacks in 2025, up from negligible levels just a few years prior. Healthcare, energy, and manufacturing were identified as the most targeted sectors.
The tactic has evolved well beyond a simple QR code in an email body. Modern campaigns use multi-stage workflows that condition the target through several legitimate-looking interactions before the malicious step. A recipient may receive a plausible business communication, such as a request for a quote or a document exchange, then receive a follow-up asking them to scan a QR code on their phone to complete identity verification or access a file. That instruction shifts the interaction from a corporate device with enterprise security controls to a personal mobile device that most organizations have no visibility into. Research from KnowBe4 found that 73% of users scan QR codes without verifying where the link goes, and that learned behavior, developed through years of using QR codes for restaurant menus and parking payments, transfers directly to malicious codes embedded in email.
For healthcare organizations, QR code phishing represents a gap in HIPAA compliant communication workflows. An employee who receives a seemingly routine message and completes a QR-triggered authentication flow on a personal device may inadvertently authorize access to a clinical system, patient portal, or email account outside the scope of any organizational security monitoring.
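The structural gap described above (a text-and-URL filter sees nothing when the URL lives inside an image) can be tested for directly at pre-delivery time. The following added example, not code from Paubox or the original article, parses constructed MIME messages with Python's standard `email` library and flags the combination a text-only scanner misses: an inline image, no URL anywhere in the text parts, and "scan with your phone" wording. The image bytes are a placeholder, not a real QR code, and the cue list is an assumption; a real pipeline would hand the flagged image to a QR decoder and run the recovered URL through the same checks a text link gets.

```python
"""Flag QR-lure candidates that a text/URL-only email filter would pass.

Added example (not the page's or any vendor's code). Messages are constructed
in-line; the PNG bytes are a placeholder, not a decodable QR code.
"""
from __future__ import annotations
import email
import re
from email.message import EmailMessage
from email.policy import default

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)
# Assumed wording cues that push the recipient to a personal mobile device.
QR_CUES = ("scan", "qr code", "qr-code", "your phone", "mobile device", "camera")
PLACEHOLDER_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16   # not a real image


def build_sample(body_html: str, image_bytes: bytes | None = None) -> bytes:
    """Construct a multipart message; optionally embed an inline image by cid."""
    msg = EmailMessage()
    msg["From"] = "vendor@supplier-example.invalid"
    msg["To"] = "a.nurse@clinic.example"
    msg["Subject"] = "Document exchange"
    msg.set_content("Please view this message in an HTML-capable client.")
    msg.add_alternative(body_html, subtype="html")
    if image_bytes is not None:
        # Turn the HTML alternative into multipart/related with the image inline.
        msg.get_payload()[1].add_related(image_bytes, "image", "png", cid="<img1>")
    return msg.as_bytes()


def assess(raw: bytes) -> tuple[str, dict]:
    """Return (verdict, details) for one raw RFC 822 message."""
    msg = email.message_from_bytes(raw, policy=default)
    text_chunks, image_parts = [], 0
    for part in msg.walk():
        if part.get_content_type() in ("text/plain", "text/html"):
            text_chunks.append(part.get_content())
        elif part.get_content_maintype() == "image":
            image_parts += 1
    text = " ".join(text_chunks)
    urls = URL_RE.findall(text)
    plain = re.sub(r"<[^>]+>", " ", text).lower()
    cues = [c for c in QR_CUES if c in plain]
    details = {"urls": urls, "images": image_parts, "cues": cues}
    if image_parts and not urls and cues:
        # Text scanner has nothing to check; the payload is in the image.
        return "qr_lure_candidate", details
    if urls:
        return "url_scan", details         # hand URLs to the normal link checks
    return "clean", details


# Constructed samples.
LURE = build_sample(
    "<p>To complete identity verification, scan the QR code below with your phone.</p>"
    '<img src="cid:img1">',
    PLACEHOLDER_PNG,
)
LINKED = build_sample('<p>Quote attached: <a href="https://portal.supplier-example.invalid/q/1">open</a></p>')
LOGO_ONLY = build_sample('<p>Thanks for your order.</p><img src="cid:img1">', PLACEHOLDER_PNG)

if __name__ == "__main__":
    for name, raw in (("lure", LURE), ("linked", LINKED), ("logo", LOGO_ONLY)):
        print(name, assess(raw))
```

The verdict is deliberately "candidate" rather than "malicious": a logo-only message with no cue wording stays clean, and the lure is routed for image decoding and URL analysis instead of being rejected on wording alone.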
5. Identity-led, token-based persistence
The broader pattern connecting all four prior threats is a fundamental shift in how attackers maintain access after initial compromise. Rather than maintaining a persistent malware foothold that endpoint detection tools can find, attackers increasingly obtain valid authentication tokens and operate as legitimate users for as long as those tokens remain valid. Password resets do not necessarily revoke active tokens. Endpoint scans find nothing because there is no malicious process running. Log analysis shows normal user activity because the activity genuinely originates from a valid session.
Microsoft reported a 32% spike in identity-based attacks in the first half of 2025, with attackers using AI and token flows to scale account takeover. The Verizon 2025 DBIR tracked infostealer infections leading to subsequent ransomware deployment, with the lag between credential theft and ransomware ranging from days to months, during which the attacker maintained quiet access through valid credentials.
For healthcare, this persistence model is particularly damaging. An attacker with a valid token for a Microsoft 365 account at a healthcare organization can access months of email containing PHI, map the organization's vendor relationships, identify individuals with elevated access to financial or clinical systems, and conduct that entire reconnaissance from within the organization's own authentication infrastructure. According to Paubox's 2026 Healthcare Email Security Report, phishing-driven mailbox takeovers exposed 630,000 individuals in 2025, and the post-compromise behavior described in that data (inbox rule creation, keyword-based email searches, and credential reuse across connected systems) maps directly to token-based persistence patterns.
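Because a valid token produces normal-looking sign-ins, detection has to key on what the session does rather than how it authenticated. The following is an added example, not Paubox's or Microsoft's code, that runs the post-compromise behaviors named above (suspicious inbox rules, keyword mailbox searches) plus the "token outlives the password reset" condition from the start of this section over a constructed, simplified audit log. The record shape loosely follows Microsoft 365 unified audit log entries (`Operation`, `UserId`, `Parameters`), but the `QueryText` and `SessionIssuedAt` fields, the domain, the keyword lists and all events are assumptions.

```python
"""Detect mailbox-takeover behaviour in constructed audit-log records.

Added example (not the page's or any vendor's code). Event shape loosely
follows unified audit log records; QueryText/SessionIssuedAt are assumed
fields, and every event below is invented.
"""
from __future__ import annotations
import json
from collections import defaultdict
from datetime import datetime

INTERNAL_DOMAIN = "clinic.example"                       # assumption
RULE_KEYWORDS = ("invoice", "payment", "wire", "password", "mfa", "verification")
SEARCH_KEYWORDS = ("invoice", "payroll", "direct deposit", "password", "w-2", "routing number")
HIDDEN_FOLDERS = {"rss subscriptions", "rss feeds", "conversation history",
                  "junk email", "deleted items", "archive"}


def _ts(value: str) -> datetime:
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def rule_findings(params: dict[str, str]) -> list[str]:
    """Inspect New-InboxRule / Set-InboxRule parameters for takeover tradecraft."""
    f = []
    if len(params.get("Name", "").strip()) <= 1:
        f.append("rule name is blank or a single character")
    target = params.get("ForwardTo") or params.get("RedirectTo") or params.get("ForwardAsAttachmentTo")
    if target and not target.lower().endswith("@" + INTERNAL_DOMAIN):
        f.append(f"forwards to external address {target}")
    if str(params.get("DeleteMessage", "")).lower() == "true":
        f.append("deletes matching messages")
    if params.get("MoveToFolder", "").lower() in HIDDEN_FOLDERS:
        f.append(f"moves matches to rarely viewed folder {params['MoveToFolder']}")
    words = params.get("SubjectContainsWords", "").lower()
    hits = sorted(w for w in RULE_KEYWORDS if w in words)
    if hits:
        f.append(f"filters on financial/security keywords {hits}")
    return f


def search_findings(query: str) -> list[str]:
    hits = sorted(w for w in SEARCH_KEYWORDS if w in query.lower())
    return [f"mailbox search for sensitive keywords {hits}"] if hits else []


def parse_events(raw: str) -> list[dict]:
    return [json.loads(line) for line in raw.splitlines() if line.strip()]


def analyze(events: list[dict], password_resets: dict[str, datetime]) -> dict[str, list[str]]:
    """Return findings per user; users with nothing suspicious are omitted."""
    findings: dict[str, list[str]] = defaultdict(list)
    for ev in events:
        user, op = ev["UserId"], ev["Operation"]
        if op in ("New-InboxRule", "Set-InboxRule"):
            params = {p["Name"]: p["Value"] for p in ev.get("Parameters", [])}
            findings[user] += rule_findings(params)
        elif op == "SearchQueryInitiated":
            findings[user] += search_findings(ev.get("QueryText", ""))
        elif op == "UserLoggedIn" and user in password_resets and "SessionIssuedAt" in ev:
            # A session minted before the reset is still valid: the reset did not revoke it.
            if _ts(ev["SessionIssuedAt"]) < password_resets[user]:
                findings[user].append("active session was issued before the credential reset")
    return {u: f for u, f in findings.items() if f}


# Constructed log lines (one JSON record per line).
SAMPLE_LOG = """
{"CreationTime":"2025-11-06T07:12:00Z","Operation":"New-InboxRule","UserId":"a.nurse@clinic.example","Parameters":[{"Name":"Name","Value":"."},{"Name":"SubjectContainsWords","Value":"invoice;payment;password"},{"Name":"DeleteMessage","Value":"True"},{"Name":"MoveToFolder","Value":"RSS Subscriptions"}]}
{"CreationTime":"2025-11-06T07:15:00Z","Operation":"SearchQueryInitiated","UserId":"a.nurse@clinic.example","QueryText":"direct deposit routing number"}
{"CreationTime":"2025-11-06T08:00:00Z","Operation":"New-InboxRule","UserId":"b.admin@clinic.example","Parameters":[{"Name":"Name","Value":"Newsletters"},{"Name":"SubjectContainsWords","Value":"newsletter"},{"Name":"MoveToFolder","Value":"Reading"}]}
{"CreationTime":"2025-11-06T09:30:00Z","Operation":"UserLoggedIn","UserId":"a.nurse@clinic.example","SessionIssuedAt":"2025-11-04T08:00:00Z"}
{"CreationTime":"2025-11-06T10:05:00Z","Operation":"Set-InboxRule","UserId":"c.billing@clinic.example","Parameters":[{"Name":"Name","Value":"Archive"},{"Name":"ForwardTo","Value":"archive-relay@mail-example.invalid"}]}
"""
# Constructed: a.nurse's password was reset after the session above was issued.
PASSWORD_RESETS = {"a.nurse@clinic.example": _ts("2025-11-05T10:00:00Z")}

if __name__ == "__main__":
    for user, items in analyze(parse_events(SAMPLE_LOG), PASSWORD_RESETS).items():
        print(user, *items, sep="\n  ")
```

None of these events would stand out in a sign-in report; the session for `a.nurse` is valid and the rules were created by the real account. The last check is the practical consequence of "password resets do not necessarily revoke active tokens": a reset timestamp that postdates an active session's issue time is itself a finding, and the response is token revocation, not another reset.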
What healthcare organizations can do
No single control addresses all five of these threats, but they share a common entry point: the inbox. Every attack chain documented above begins with a message that reached a user. Pre-delivery filtering that operates before messages reach inboxes removes the entry point before any further exploitation becomes possible.
Paubox's 2026 Healthcare Email Security Report found that attacks avoiding native email defenses rose 47% in 2025, reinforcing that Microsoft 365 and Google Workspace default filtering is insufficient against campaigns that route through legitimate cloud infrastructure, use trusted internal senders, or embed attack payloads in images rather than text. Paubox Inbound Email Security applies AI to analyze tone, sender behavior, and message patterns, detecting threats that bypass signature and reputation-based systems.
OAuth application governance requires its own attention. Auditing currently authorized third-party applications, restricting user consent to verified publishers, and requiring admin approval for high-permission grants removes a persistence mechanism that survives credential resets. Token revocation policies, including configuring session lifetimes and enforcing re-authentication for risky sign-in events, limit how long post-compromise access remains valid after initial detection.
Phishing-resistant MFA methods that bind authentication to the originating session and device, specifically passkeys and FIDO2 hardware keys, address both device code phishing and OAuth-based token capture in ways that push notification-based MFA cannot. According to Paubox's Healthcare IT security report, 75% of healthcare IT leaders believe employees assume Microsoft tools are automatically HIPAA compliant, and that assumption extends directly to the authentication flows those tools use.
Learn more: Paubox Inbound Email Security | Paubox's 2026 Healthcare Email Security Report | Paubox's Top 3 Healthcare Email Attacks in 2025
FAQs
What do all five of these email threats have in common?
All five exploit the trust that organizations and users place in legitimate systems. Conventional defenses built around detecting fake links and malicious files have limited effectiveness against attacks operating within legitimate infrastructure.
How does AI change the scale of these threats?
Generative AI removes the time cost of personalization. Payroll fraud that once required manual research into an organization's structure and communication patterns can now be executed at volume using automated reconnaissance and AI-generated message drafting. QR code campaigns, BEC lures, and OAuth-based phishing emails that would previously have required individual crafting can be produced in bulk, tailored to each target's role, organization, and communication style.
What is the healthcare-specific risk from these five threats?
Healthcare organizations face a combination of high data value, platform concentration in Microsoft 365, and documented configuration gaps. A single compromised inbox at a healthcare organization may contain years of PHI-bearing communications. Token-based persistence means that access may continue undetected for months.
What is the single highest-value control an organization can implement?
Pre-delivery email filtering that stops phishing messages before they reach users is the highest-leverage point in the attack chain. All five threats documented above begin with a message that a user interacts with.