Skip to main content

CYBERSTATS

Security Intelligence

HomeTopicsPhishing

Phishing

Cybersecurity statistics about phishing

Related Topics

Phishing Techniques9Phishing Kits3Phishing Infrastructure3Phishing Links2Phishing Domains2Phishing emails2

Top Vendors

KnowBe478VIPRE30Barracuda13Paubox10Dune10SicuraNext9

Showing 1-20 of 315 results

51% of organizations have faced sophisticated, personalized phishing emails powered by deepfake technology.

Ivanti2/14/2026
PhishingDeepfake

76% of initial infection URLs in abalyzed phishing attacks were unique and have not appeared in other campaigns across Cofense's customer base.

Cofense2/9/2026
PhishingMalicious URLs

82% of malicious files have unique hashes that traditional pattern-matching fails to detect.

Cofense2/9/2026
Malicious FilesThreat Detection

Credential phishing campaigns using .es domains increase 51 times year-over-year, with the .es top-level domain jumping from the 56th to the 3rd most-abused TLD.

Cofense2/9/2026
PhishingDomain Abuse

In Q4 2025, callback phishing increased from 3% to 18% of all phishing incidents, a 500% spike.

VIPRE Security Group2/9/2026
PhishingCallback Phishing

Conversational attacks comprise 18% of all malicious emails.

Cofense2/9/2026
PhishingEmail Security

Approximately 17% of healthcare email breaches were the result of phishing-driven mailbox takeovers.

Paubox2/9/2026
HealthcareEmail Security

In 2025, a malicious email attack occurs every 19 seconds, more than doubling from 2024’s pace of one every 42 seconds.

Cofense2/9/2026
PhishingEmail Security

Abuse of legitimate remote access tools increased by 900% by volume.

Cofense2/9/2026
Remote Access ToolsPhishing

Fifty percent of affected consumers cite immediate financial fraud as their primary fear, and 54 percent of consumers report an increase in targeted phishing attempts after a breach (2025)

Identity Theft Resource Center2/4/2026
Financial FraudPhishing

Eighty-eight percent of consumers who received a data breach notice experience at least one negative consequence after a breach; 40 percent experience an increase in phishing or scam attempts; 49 percent experience an increase in spam emails or robocalls; 40 percent experience attempted takeover of an existing account (2025)

Identity Theft Resource Center2/4/2026
Consumer HarmPhishing

In 2025, malicious attachments were present in 18% of phishing attacks.

Barracuda1/13/2026
PhishingMalware

In late 2025, there were 10 million Mamba 2FA phishing attacks recorded.

Barracuda1/13/2026
Phishing2FA

Clicks on phishing links decreased by 27%, from 119 per 10,000 users last year to 87 per 10,000 users this year.

Netskope1/13/2026
PhishingPhishing Links

77% of advanced email attacks impersonated business-critical brands such as DocuSign, Microsoft, and Google.

StrongestLayer1/13/2026
Email SecurityPhishing

In 2025, 'polymorphic' attacks that varied the email header, body, and destination were seen in 20% of phishing attacks.

Barracuda1/13/2026
PhishingPhishing Techniques

In 2025, CAPTCHA was leveraged for added authenticity in 43% of phishing attacks.

Barracuda1/13/2026
PhishingPhishing Techniques

In 2025, attacks leveraging generative AI were reported in 10% of phishing attacks.

Barracuda1/13/2026
PhishingGenerative AI

In 2025, 90% of high-volume phishing campaigns utilized Phishing-as-a-Service (PhaaS) kits.

Barracuda1/13/2026
PhishingPhishing Kits

In 2025, malicious QR codes were observed in 19% of phishing attacks.

Barracuda1/13/2026
PhishingQR Codes