Email Security
We've curated 55 cybersecurity statistics about Email security to help you understand how phishing attacks, malware, and advanced authentication practices are evolving in 2025, ensuring your communications remain safe from emerging threats.
Showing 1-20 of 55 results
Credential phishing campaigns using .es domains increase 51 times year-over-year, with the .es top-level domain jumping from the 56th to the 3rd most-abused TLD.
Stolen login credentials led to the most damaging email-related healthcare breaches in 2025, exposing more than 630,000 patient records.
In Q4 2025, callback phishing increased from 3% to 18% of all phishing incidents, a 500% spike.
In Q4 2025, Business Email Compromise accounted for 51% of all email fraud cases.
Diversion tactics (fraudulent invoices, fake payroll requests) accounted for 18% of BEC incidents in Q4 2025.
In 2025, a malicious email attack occurs every 19 seconds, more than doubling from 2024’s pace of one every 42 seconds.
Abuse of legitimate remote access tools increased by 900% by volume.
Conversational attacks comprise 18% of all malicious emails.
76% of initial infection URLs in abalyzed phishing attacks were unique and have not appeared in other campaigns across Cofense's customer base.
In Q4 2025, CEOs and senior executives accounted for 50% of impersonation-based BEC emails and 41% of total BEC incidents.
Impersonation made up 82% of all BEC incidents in Q4 2025.
Nearly one-third of all healthcare email incidents were attributed to vendor and business associate email exposure, making it the most frequent attack pattern.
Less than one-fifth of total healthcare email incidents involved identity abuse via stolen credentials, yet these remained the most damaging type of attack.
Approximately 17% of healthcare email breaches were the result of phishing-driven mailbox takeovers.
Approximately 45% of advanced email attacks showed indicators of AI assistance, projected to rise to 75–95% within the next 18 months
Approximately 4.5% of outbound healthcare email connections were delivered to servers with expired or self-signed certificates.
77% of advanced email attacks failed SPF, DKIM, or DMARC authentication yet still reached inboxes.
77% of advanced email attacks impersonated business-critical brands such as DocuSign, Microsoft, and Google.
Approximately 3 million email addresses in the healthcare sector may be at risk of exposure to cyberattacks due to unverified email delivery practices.
100% of advanced email threats bypassed incumbent email security, including Microsoft E3/E5 and leading secure email gateways.