Cybersecurity experts are watching a troubling shift in how hackers attack computers and critical systems. Even though the total number of phishing attacks decreased by 20 percent, the danger is actually growing because criminals are getting smarter about how they strike.
One major threat involves WhatsApp, the popular messaging app used by billions of people worldwide. Attackers are sending fake business documents through WhatsApp to trick people into downloading files that secretly install harmful software on their computers. These phishing attacks appear legitimate because they mimic real business communications, making them harder for people to spot.
The strategy works because most people trust documents from what looks like a professional source. When someone clicks on what they think is a spreadsheet or invoice, malware installs without their knowledge. This method is particularly dangerous because WhatsApp is primarily used on phones, and many people feel safer opening files there than on email.
Beyond personal computers, hackers are also targeting critical infrastructure that Americans depend on every day. Security researchers discovered that fuel tank gauge systems across the United States are under active attack. These systems help gas stations and fuel storage facilities monitor inventory and operations. If hackers compromise this equipment, they could disrupt fuel supplies or cause safety hazards.
The shift toward infrastructure attacks reflects a broader pattern in cybersecurity. Criminals are becoming more selective and strategic. Rather than sending millions of generic phishing emails hoping someone will fall for them, attackers now focus on specific targets and use personalized methods. They research their victims and craft messages that seem genuine.
Security researchers tracking attack surface exposures—the different ways hackers can enter systems—identified ten major areas of concern for 2026. These include the types of vulnerabilities that phishing attacks and infrastructure hacks exploit. The analysis shows that as companies add more technology to their operations, they accidentally create more opportunities for criminals.
Experts recommend several steps to stay safe. People should be cautious about opening files from messaging apps, even if they seem to come from known contacts. Businesses should update their security systems regularly and train employees to recognize fake documents. Companies managing critical infrastructure need specialized protections since attacks on these systems affect everyone.
The declining phishing volume numbers might seem like good news, but cybersecurity professionals say the real picture is more complex. Fewer attacks that are better targeted and more sophisticated are often more harmful than high-volume campaigns. The focus on infrastructure and business documents shows that hackers are becoming increasingly dangerous, even as overall attack numbers decrease.