Skip to main content

Cybersecurity Statistics

Security Intelligence

HomeTopicsPhishing

Phishing

Email security statistics, phishing attack trends, user awareness metrics, and defense effectiveness data.

Related Topics

Scams6Consumer6Phishing Infrastructure3AI3Education2Phishing Domains2

Top Vendors

KnowBe478VIPRE30Barracuda13Paubox10Dune10SicuraNext9

Showing 1-20 of 314 results

Approximately 17% of healthcare email breaches were the result of phishing-driven mailbox takeovers.

Paubox2/9/2026
HealthcareEmail Security

In 2025, a malicious email attack occurs every 19 seconds, more than doubling from 2024’s pace of one every 42 seconds.

Cofense2/9/2026
Email SecurityEmail Attack

Credential phishing campaigns using .es domains increase 51 times year-over-year, with the .es top-level domain jumping from the 56th to the 3rd most-abused TLD.

Cofense2/9/2026
Domain AbuseCredential Theft

Conversational attacks comprise 18% of all malicious emails.

Cofense2/9/2026
Email SecurityEmail Attack

In Q4 2025, callback phishing increased from 3% to 18% of all phishing incidents, a 500% spike.

VIPRE Security Group2/9/2026
Callback PhishingEmail Security

82% of malicious files have unique hashes that traditional pattern-matching fails to detect.

Cofense2/9/2026
Malicious FilesThreat Detection

76% of initial infection URLs in abalyzed phishing attacks were unique and have not appeared in other campaigns across Cofense's customer base.

Cofense2/9/2026
Malicious URLsEmail Attack

Abuse of legitimate remote access tools increased by 900% by volume.

Cofense2/9/2026
Remote Access ToolsEmail Security

Fifty percent of affected consumers cite immediate financial fraud as their primary fear, and 54 percent of consumers report an increase in targeted phishing attempts after a breach (2025)

Identity Theft Resource Center2/4/2026
Financial Fraud

Eighty-eight percent of consumers who received a data breach notice experience at least one negative consequence after a breach; 40 percent experience an increase in phishing or scam attempts; 49 percent experience an increase in spam emails or robocalls; 40 percent experience attempted takeover of an existing account (2025)

Identity Theft Resource Center2/4/2026
Consumer HarmSpam

In 2025, CAPTCHA was leveraged for added authenticity in 43% of phishing attacks.

Barracuda1/13/2026
Phishing TechniquesCAPTCHA

In 2025, 'ClickFix' social engineering techniques were used in 1% of phishing attacks.

Barracuda1/13/2026
Phishing TechniquesSocial Engineering

In 2025, the use of 'Blob URIs' was noted in 2% of phishing attacks.

Barracuda1/13/2026
Phishing Techniques

The number of known phishing kits doubled during 2025, reaching a significant increase in active use.

Barracuda1/13/2026
Phishing Kits

In 2025, attacks leveraging generative AI were reported in 10% of phishing attacks.

Barracuda1/13/2026
Generative AI

In 2025, malicious attachments were present in 18% of phishing attacks.

Barracuda1/13/2026
MalwarePhishing Techniques

In 2025, malicious QR codes were observed in 19% of phishing attacks.

Barracuda1/13/2026
QR CodesPhishing Techniques

Approximately 45% of advanced email attacks showed indicators of AI assistance, projected to rise to 75–95% within the next 18 months

StrongestLayer1/13/2026
Email SecurityEmail Threats

77% of advanced email attacks failed SPF, DKIM, or DMARC authentication yet still reached inboxes.

StrongestLayer1/13/2026
Email SecurityEmail Threats

In 2025, the abuse of trusted, legitimate online platforms was noted in 10% of phishing attacks.

Barracuda1/13/2026
Phishing Techniques
...