Identity-centric threats focus on compromising user identities to gain access to valuable organizational assets. Unlike traditional cyberattacks that exploit technical vulnerabilities, these modern threats leverage compromised credentials, which are easier to obtain and can bypass conventional security measures. Recent data shows that identity-driven threats have surged by 156% between 2023 and 2025, now accounting for 59% of all confirmed threat cases in Q1 2025.

Cybercrime-as-a-Service platforms have reshaped the landscape of cyber threats by lowering the entry barrier for threat actors. These services, such as Phishing-as-a-Service platforms, provide sophisticated tools for executing identity theft campaigns. For instance, Tycoon2FA, a leading PhaaS platform, accounts for 58% of observed account compromise cases and can be rented for as little as $200-300 per month. This model allows even those with limited technical skills to engage in complex cyberattacks.

Organizations should rethink their security posture by assuming that identities will be compromised. This includes implementing continuous authentication verification, comprehensive credential monitoring, and rapid response capabilities for identity-based threats. Additionally, employing a 24/7 Managed Detection and Response service can help detect and respond to identity threats effectively, allowing organizations to revoke session tokens and terminate active sessions when necessary.