Phishing attacks and cyber fraud have overtaken ransomware as the top cybersecurity concern of business leaders, according to the World Economic Forum’s (WEF) Global Cybersecurity Outlook for 2026.
Released on January 12, a week before the WEF Annual Davos meeting, the report warns that cyber-enabled fraud has become a “pervasive threat” reaching “record highs” across industry and society.
This is causing substantial financial losses for people and businesses as well as undermining trust in systems, the paper warned.
The report, produced in collaboration with Accenture, surveyed global business leaders and revealed that 77% have reported an increase in cyber-enabled fraud and phishing overall, while 73% claimed that they or a business leader they know had been affected by it.
Phishing Tops Cyber Fraud Threats
The most commonly reported form of cyber fraud was phishing attacks: 62% of respondents said they were aware of someone in their network being affected by a phishing attack. As well as email phishing attacks, this also includes including voice enabled phishing (vishing) and SMS enabled phishing (smishing).
Invoice or payment fraud, commonly used as part of business email compromise (BEC) campaigns, affected just over a third of respondents (37%), while 32% said they know of an organization in their network which has been affected by cyber-attacks involving identity fraud.
One in five respondents said they were aware of insider threat or employee-led fraud causing disruption in their network, while 17% said they knew about romance or impersonation scams targeting someone they knew personally or professionally.
Meanwhile, 17% reported that cryptocurrency and investment fraud was a concern.
Each of these different kinds of cyber fraud has the potential to cost organizations large amounts of money if attackers are successful, be it in convincing an employee to pay a phoney invoice, or by using phishing emails to steal usernames and passwords to gain access to and steal confidential information.
“As cyber risks become more interconnected and consequential, cyber-enabled fraud has emerged as one of the most disruptive forces in the digital economy, undermining trust, distorting markets and directly affecting people’s lives,” said Jeremy Jurgens, managing director, World Economic Forum.
“The challenge for leaders is no longer just understanding the threat but acting collectively to stay ahead of it. Building meaningful cyber resilience will require coordinated action across governments, businesses and technology providers to protect trust and stability in an increasingly AI-driven world.”
AI Cyber Threats Accelerate
The rise of AI-powered cyber threats is another key theme of the WEF annual review, which warns AI is “accelerating cybersecurity risks at unprecedented speed.”
According to the report, 87% of respondents experienced rising AI-related vulnerabilities last year and 94% of leaders expect AI to be the biggest force shaping cybersecurity in 2026.
To protect businesses and society from cyber-enabled fraud and other cyber-security risks, the World Economic Forum and its partners have called for collaborative action across international boundaries and industries to ensure people and organizations are able to fight off ever-more-complex cyber threats.
“This year’s findings underscore that cyber risk is no longer a technical issue alone – it is a strategic, economic and societal concern that demands coordinated action across sectors and borders,” the report said.
“Ultimately, building a secure digital future requires more than technical solutions. It calls for decisive leadership, shared accountability and a commitment to lifting the collective baseline – ensuring that resilience is accessible to all, not just the most well-resourced,” the WEF report concluded.
