Conversational attacks comprise 18% of all malicious emails.

Stolen login credentials led to the most damaging email-related healthcare breaches in 2025, exposing more than 630,000 patient records.

Nearly one-third of all healthcare email incidents were attributed to vendor and business associate email exposure, making it the most frequent attack pattern.

Approximately 17% of healthcare email breaches were the result of phishing-driven mailbox takeovers.

Less than one-fifth of total healthcare email incidents involved identity abuse via stolen credentials, yet these remained the most damaging type of attack.

In 2025, a malicious email attack occurs every 19 seconds, more than doubling from 2024’s pace of one every 42 seconds.

76% of initial infection URLs in abalyzed phishing attacks were unique and have not appeared in other campaigns across Cofense's customer base.

82% of malicious files have unique hashes that traditional pattern-matching fails to detect.

Abuse of legitimate remote access tools increased by 900% by volume.