Skip to main content

CYBERSTATS

Security Intelligence

HomeTopicsPhishing

Phishing

Cybersecurity statistics about phishing

Related Topics

Phishing Techniques9Phishing Kits3Phishing Infrastructure3Phishing Links2Phishing Domains2Phishing emails2

Top Vendors

KnowBe478VIPRE30Barracuda13Paubox10Dune10SicuraNext9

Showing 1-20 of 315 results

51% of organizations have faced sophisticated, personalized phishing emails powered by deepfake technology.

Ivanti2/14/2026
PhishingDeepfake

In Q4 2025, callback phishing increased from 3% to 18% of all phishing incidents, a 500% spike.

VIPRE Security Group2/9/2026
PhishingCallback Phishing

82% of malicious files have unique hashes that traditional pattern-matching fails to detect.

Cofense2/9/2026
Malicious FilesThreat Detection

Credential phishing campaigns using .es domains increase 51 times year-over-year, with the .es top-level domain jumping from the 56th to the 3rd most-abused TLD.

Cofense2/9/2026
PhishingDomain Abuse

76% of initial infection URLs in abalyzed phishing attacks were unique and have not appeared in other campaigns across Cofense's customer base.

Cofense2/9/2026
PhishingMalicious URLs

Conversational attacks comprise 18% of all malicious emails.

Cofense2/9/2026
PhishingEmail Security

Approximately 17% of healthcare email breaches were the result of phishing-driven mailbox takeovers.

Paubox2/9/2026
HealthcareEmail Security

In 2025, a malicious email attack occurs every 19 seconds, more than doubling from 2024’s pace of one every 42 seconds.

Cofense2/9/2026
PhishingEmail Security

Abuse of legitimate remote access tools increased by 900% by volume.

Cofense2/9/2026
Remote Access ToolsPhishing

Fifty percent of affected consumers cite immediate financial fraud as their primary fear, and 54 percent of consumers report an increase in targeted phishing attempts after a breach (2025)

Identity Theft Resource Center2/4/2026
Financial FraudPhishing

Eighty-eight percent of consumers who received a data breach notice experience at least one negative consequence after a breach; 40 percent experience an increase in phishing or scam attempts; 49 percent experience an increase in spam emails or robocalls; 40 percent experience attempted takeover of an existing account (2025)

Identity Theft Resource Center2/4/2026
Consumer HarmPhishing

77% of advanced email attacks failed SPF, DKIM, or DMARC authentication yet still reached inboxes.

StrongestLayer1/13/2026
Email SecurityEmail Threats

Approximately 45% of advanced email attacks showed indicators of AI assistance, projected to rise to 75–95% within the next 18 months

StrongestLayer1/13/2026
Email SecurityEmail Threats

77% of advanced email attacks impersonated business-critical brands such as DocuSign, Microsoft, and Google.

StrongestLayer1/13/2026
Email SecurityPhishing

Clicks on phishing links decreased by 27%, from 119 per 10,000 users last year to 87 per 10,000 users this year.

Netskope1/13/2026
PhishingPhishing Links

In 2025, attacks bypassing multifactor authentication (MFA) were reported in 48% of phishing attacks.

Barracuda1/13/2026
PhishingMFA

In 2025, malicious QR codes were observed in 19% of phishing attacks.

Barracuda1/13/2026
PhishingQR Codes

In 2025, obfuscations to hide URLs from detection were seen in 48% of phishing attacks.

Barracuda1/13/2026
PhishingPhishing Techniques

The number of known phishing kits doubled during 2025, reaching a significant increase in active use.

Barracuda1/13/2026
PhishingPhishing Kits

In 2025, 'ClickFix' social engineering techniques were used in 1% of phishing attacks.

Barracuda1/13/2026
PhishingPhishing Techniques