Skip to main content

CYBERSTATS

Security Intelligence

HomeTopicsEmail Security

Email Security

We've curated 55 cybersecurity statistics about Email security to help you understand how phishing attacks, malware, and advanced authentication practices are evolving in 2025, ensuring your communications remain safe from emerging threats.

Related Topics

Healthcare13Phishing13Email Attack8Email Breach7Business Email Compromise4BEC4

Top Vendors

Paubox28VIPRE Security Group5Cofense5StrongestLayer5CISA5Paubox 4

Showing 1-20 of 55 results

Nearly one-third of all healthcare email incidents were attributed to vendor and business associate email exposure, making it the most frequent attack pattern.

Paubox2/9/2026
HealthcareEmail Attack

In Q4 2025, callback phishing increased from 3% to 18% of all phishing incidents, a 500% spike.

VIPRE Security Group2/9/2026
PhishingCallback Phishing

In Q4 2025, Business Email Compromise accounted for 51% of all email fraud cases.

VIPRE Security Group2/9/2026
Business Email CompromiseBEC

Diversion tactics (fraudulent invoices, fake payroll requests) accounted for 18% of BEC incidents in Q4 2025.

VIPRE Security Group2/9/2026
Business Email CompromiseBEC

Credential phishing campaigns using .es domains increase 51 times year-over-year, with the .es top-level domain jumping from the 56th to the 3rd most-abused TLD.

Cofense2/9/2026
PhishingDomain Abuse

In Q4 2025, CEOs and senior executives accounted for 50% of impersonation-based BEC emails and 41% of total BEC incidents.

VIPRE Security Group2/9/2026
Executive TargetingImpersonation

76% of initial infection URLs in abalyzed phishing attacks were unique and have not appeared in other campaigns across Cofense's customer base.

Cofense2/9/2026
PhishingMalicious URLs

Conversational attacks comprise 18% of all malicious emails.

Cofense2/9/2026
PhishingEmail Attack

Stolen login credentials led to the most damaging email-related healthcare breaches in 2025, exposing more than 630,000 patient records.

Paubox2/9/2026
HealthcareEmail Attack

Approximately 17% of healthcare email breaches were the result of phishing-driven mailbox takeovers.

Paubox2/9/2026
HealthcareEmail Attack

Less than one-fifth of total healthcare email incidents involved identity abuse via stolen credentials, yet these remained the most damaging type of attack.

Paubox2/9/2026
HealthcareIdentity Abuse

Impersonation made up 82% of all BEC incidents in Q4 2025.

VIPRE Security Group2/9/2026
ImpersonationBusiness Email Compromise

In 2025, a malicious email attack occurs every 19 seconds, more than doubling from 2024’s pace of one every 42 seconds.

Cofense2/9/2026
PhishingEmail Attack

Abuse of legitimate remote access tools increased by 900% by volume.

Cofense2/9/2026
Remote Access ToolsPhishing

77% of advanced email attacks failed SPF, DKIM, or DMARC authentication yet still reached inboxes.

StrongestLayer1/13/2026
Email ThreatsPhishing

Approximately 45% of advanced email attacks showed indicators of AI assistance, projected to rise to 75–95% within the next 18 months

StrongestLayer1/13/2026
Email ThreatsAI

77% of advanced email attacks impersonated business-critical brands such as DocuSign, Microsoft, and Google.

StrongestLayer1/13/2026
PhishingDocuSign

100% of advanced email threats bypassed incumbent email security, including Microsoft E3/E5 and leading secure email gateways.

StrongestLayer1/13/2026
Email ThreatsEmail Gateway

Approximately 4.5% of outbound healthcare email connections were delivered to servers with expired or self-signed certificates.

Paubox1/13/2026
Healthcare

DocuSign accounted for more than 20% of all advanced email attacks analyzed.

StrongestLayer1/13/2026
Email ThreatsDocuSign