Email Security
We've curated 55 cybersecurity statistics about email security to help you understand how phishing attacks, malware, and advanced authentication practices are evolving in 2025, ensuring your communications remain safe from emerging threats.
Less than one-fifth of total healthcare email incidents involved identity abuse via stolen credentials, yet these remained the most damaging type of attack.
Diversion tactics (fraudulent invoices, fake payroll requests) accounted for 18% of BEC incidents in Q4 2025.
In Q4 2025, callback phishing increased from 3% to 18% of all phishing incidents, a 500% spike.
In Q4 2025, Business Email Compromise accounted for 51% of all email fraud cases.
Credential phishing campaigns using .es domains increased 51 times year-over-year, with the .es top-level domain jumping from the 56th to the 3rd most-abused TLD.
In Q4 2025, CEOs and senior executives accounted for 50% of impersonation-based BEC emails and 41% of total BEC incidents.
Approximately 17% of healthcare email breaches were the result of phishing-driven mailbox takeovers.
76% of initial infection URLs in analyzed phishing attacks were unique and have not appeared in other campaigns across Cofense's customer base.
Conversational attacks comprise 18% of all malicious emails.
In 2025, a malicious email attack occurs every 19 seconds, more than doubling from 2024’s pace of one every 42 seconds.
Stolen login credentials led to the most damaging email-related healthcare breaches in 2025, exposing more than 630,000 patient records.
Abuse of legitimate remote access tools increased by 900% by volume.
Impersonation made up 82% of all BEC incidents in Q4 2025.
Nearly one-third of all healthcare email incidents were attributed to vendor and business associate email exposure, making it the most frequent attack pattern.
100% of advanced email threats bypassed incumbent email security, including Microsoft E3/E5 and leading secure email gateways.
Approximately 3 million email addresses in the healthcare sector may be at risk of exposure to cyberattacks due to unverified email delivery practices.
Approximately 45% of advanced email attacks showed indicators of AI assistance, projected to rise to 75–95% within the next 18 months.
77% of advanced email attacks impersonated business-critical brands such as DocuSign, Microsoft, and Google.
77% of advanced email attacks failed SPF, DKIM, or DMARC authentication yet still reached inboxes.
Approximately 4.5% of outbound healthcare email connections were delivered to servers with expired or self-signed certificates.