Email Security
We've curated 92 cybersecurity statistics about Email security to help you understand how phishing attacks, malware, and advanced authentication practices are evolving in 2025, ensuring your communications remain safe from emerging threats.
Showing 1-20 of 92 results
Phishing activity declined by approximately 20% year-over-year in both 2024 and 2025.
Services industry phishing hits surged 65.5% year-over-year from 330.9 million to 547.7 million hits.
95.2% of phishing activity is delivered over encrypted channels.
63% of law firm decision-makers report a significant email-based security breach in the past 12 months.
One in three email messages is malicious or unwanted spam.
34% of companies experience at least one account takeover incident every month.
More than 10% of HTML attachments are malicious.
70% of malicious PDFs contain QR codes leading to phishing websites.
48% of malicious email activity is phishing.
21.6% of phishing attacks use redirect chains that route victims through multiple URLs to obscure malicious destinations.
Vendor email compromise accounts for 61% of all business email compromise attacks.
Phishing accounts for 58% of all attacks.
Confirmed business email compromise (BEC) losses range from $140,000 to $1.5 million, compared to an average of roughly $40,000 in early 2025.
56% of desk-based workers who use email or chat feel pressure to respond to work messages after normal business hours at least sometimes.
45% of desk-based workers who use email or chat have replied to a work message and later questioned whether it was legitimate.
68% of desk-based workers who use email or chat check work email or chat outside normal business hours at least sometimes.
57% of desk-based workers who use email or chat have verified a message's request only after taking action first.
63% of desk-based workers who use email or chat clicked a work-related link in the past year and later felt they should have double-checked it first.
64% of desk-based workers who use email or chat say an AI-generated message could likely impersonate someone they work with.
72% of desk-based workers who use email or chat say phishing attempts are more convincing than a year ago because of AI-written language.