European Cybersecurity Month 2025: A Europe-wide push against phishing
As Europe marks the 2025 edition of European Cybersecurity Month, authorities are sharpening their focus on phishing—the most common method attackers use to breach devices and data. Recent analyses indicate that about 60% of cyberattacks begin with phishing, using deceptive emails, texts, or fraudulent websites to steal credentials or access systems. The campaign emphasizes building citizens’ knowledge so they can fail before they cause harm.
Understanding why phishing remains the biggest threat
Phishing exploits everyday trust. Messages that look legitimate, urgent requests, or familiar brands can prompt quick, emotional responses. Attackers vary from broad email campaigns to targeted spear phishing aimed at individuals or organizations. Because many people juggle busy digital lives, mistakes can lead to serious consequences when credentials unlock sensitive systems.
The campaign: education, vigilance, and practical steps
The European Commission and the European Union Agency for Cybersecurity (ENISA), with support from partners across the EU, aim to raise public awareness and provide practical tools. The effort centers on simple, repeatable behaviors that users can adopt daily—such as verifying sender details, hovering over links before clicking, and enabling multi-factor authentication—to reduce risk even when a threat slips past filters.
Leadership insight
Executive Vice-President for Technological Sovereignty, Security and Democracy, Henna Virkkunen, stated:
“Cybersecurity is not just about technology, it is a critical condition for all sectors of society and a shared responsibility. Phishing attacks and other cyber threats can have devastating consequences, disrupting our critical infrastructure and businesses, and undermining our trust in the digital world. By staying vigilant and taking simple steps to protect ourselves online, we can all play our role in fighting against cyber threats while helping to build a safer, more secure digital future for everyone.”
Organisers and the broader mission
Organised by the European Commission and ENISA, with support from various organisations across Europe, the initiative also promotes cybersecurity careers and supports the European cyber workforce. This comes at a time when Europe’s skills gap is particularly acute, underscoring the link between awareness, education, and a resilient digital economy.
What individuals and organisations can do now
Everyone has a role in strengthening Europe’s digital frontier. Practical steps include questioning unsolicited messages, verifying URLs before entering credentials, using strong, unique passwords, and turning on multi-factor authentication where available. Organisations should implement phishing simulations, train staff to spot risk indicators, and keep security patches up to date. Schools, libraries, and community groups can weave phishing awareness into digital literacy programs to reach citizens where they live and work.
Looking ahead: skills, jobs, and a safer digital Europe
European Cybersecurity Month 2025 serves as a reminder that cybersecurity is a shared responsibility and a growing field. By raising awareness and expanding the EU’s cyber workforce, the initiative helps close the skills gap and ensures citizens, businesses, and critical infrastructure stay safer online. As technology evolves, ongoing education and collaboration among policymakers, industry, and the public will be essential to defending Europe’s digital future.
