Partner Article

Almost a third of UK businesses hit by remote working-related cyberattacks as phishing concerns reach record high

Almost a third of British businesses have experienced at least one remote working-related security breach in the past year, with phishing attacks accounting for 85% of all cybersecurity incidents, according to new analysis from secure networks specialist, Nasstar.

The figures, based on the UK government's Cyber Security Breaches Survey 2025, reveal that 29% of businesses have fallen victim to remote working related attacks over the past 12 months, whilst overall breach rates affected 43% of UK businesses. Medium and large businesses face significantly higher rates at 67% and 74% respectively.

The analysis comes as Google search data shows UK searches for "phishing" hit a 20 year high in December 2025, with a 600% surge in people looking for a "phishing link checker". Searches for "what is spear phishing in cyber security" increased by 1,500%, demonstrating growing awareness of highly targeted attacks on UK businesses.

Leigh Walgate, managing director of secure networks at Nasstar, said the dominance of phishing attacks reflects a fundamental shift in how businesses operate. "Despite the widespread adoption of traditional network perimeter security controls, phishing remains the dominant attack vector because it targets users, identities, and cloud applications rather than exploiting network vulnerabilities," he said.

"Phishing exploits identity and trust, not network vulnerabilities, which is why security needs to be designed around identity rather than perimeter assumptions. The search trends data reveals that the British public is increasingly aware that phishing is a major threat, and that 600% surge in demand we're seeing for a 'phishing link checker' shows that they're actively searching for ways to protect themselves from the risk posed by malicious phishing links."

Among organisations experiencing breaches, the government survey found that 65% cited phishing as their most disruptive incident. Charities proved equally vulnerable, with 86% of breaches in the voluntary sector involving phishing attacks.

The previous peak in search interest for phishing occurred in October 2020, when most people in the UK were working remotely because of the pandemic. However, December 2025's figures surpassed this, suggesting concerns have intensified as remote and hybrid working models have become permanent fixtures.

Walgate said the shift towards cloud and Software-as-a-Service platforms had fundamentally changed the risk profile for businesses. "As businesses have moved rapidly towards cloud and SaaS platforms, identity has effectively become the new perimeter," he said. "That fundamentally changes the risk profile, because attackers no longer need to break into a private network, they just need to abuse a legitimate user account."

He added that modern SASE (Secure Access Service Edge) architectures were increasingly important in addressing phishing threats. "They don't replace email security or VPNs, but they apply layered, identity and context aware controls wherever users access applications, reducing risk when phishing or credential abuse occurs," he said.

"In that context, the 600% surge in searches for a 'phishing link checker' reflects a growing demand for real time, identity aware protection, even if most people don't yet recognise it as part of a broader SASE approach."

The analysis of Google Trends data showed that average search interest in phishing jumped to a record high in December 2025. Areas showing the highest search interest in phishing-related search queries included Tewkesbury, Harrow, London, Reading and Coventry, suggesting concerns span both financial centres and regional business hubs.

 

This was posted in Bdaily's Members' News section by Leah Weatherall .