Email Risk
We've curated 15 cybersecurity statistics about Email risk to help you understand how phishing attacks, malware delivery, and business email compromise are evolving in 2025. Discover the latest trends and practices to safeguard your inbox!
Top Vendors
Showing 1-15 of 15 results
56% of breached healthcare organizations had permissive or missing SPF records (9% missing, 46% soft fail).
Microsoft 365 is adopted by approximately 79% of healthcare organizations.
74% of breached healthcare organizations lacked effective DMARC enforcement (41% missing entirely, 33% monitor-only).
31% of breached Microsoft 365 healthcare organizations were classified as High Risk.
170 email-related healthcare breaches occured in 2025.
41% of breached healthcare organizations fell into a high-risk category based on their email configuration, up from 31% in 2024.
53% of email-related healthcare breaches occurred on Microsoft 365.
97% of security and IT pros surveyed believe behavioral AI can help prevent accidental data loss before it occurs.
95% of organizations surveyed reported measurable business impact due to misdirected email, including remediation costs, compliance violations, or damage to customer trust.
98% of security leaders consider misdirected email a significant risk.
The average enterprise spends over 400 hours per year managing false positive alerts from data loss prevention (DLP) or email security tools.
Misdirected emails contributed to over $1.2 billion in fines worldwide last year.
47% of security and IT professionals learn of misdirected emails from recipients rather than from security tools.
Misdirected emails accounted for 27% of all data protection incidents under the GDPR last year.
96% of organizations surveyed experienced data loss or exposure from misdirected email in the past year.