Email Security
We've curated 92 cybersecurity statistics about Email security to help you understand how phishing attacks, malware, and advanced authentication practices are evolving in 2025, ensuring your communications remain safe from emerging threats.
Showing 21-40 of 92 results
57% of desk-based workers who use email or chat say AI makes phishing harder to spot because it feels more professional.
56% of breached healthcare organizations had permissive or missing SPF records (9% missing, 46% soft fail).
31% of breached Microsoft 365 healthcare organizations were classified as High Risk.
AI-generated spear phishing increased from 2.8% to 13.9% of total observed phishing in 2025.
56% of adults aged 18–24 avoid unknown links, versus 81% of adults aged 65 and older.
51% of banking executives report a significant email-based breach in the past year.
AI-generated emails are 75% more effective at evading traditional email filters.
AI-generated email attacks grew 5x in 2025.
Microsoft 365 is adopted by approximately 79% of healthcare organizations.
74% of breached healthcare organizations lacked effective DMARC enforcement (41% missing entirely, 33% monitor-only).
53% of email-related healthcare breaches occurred on Microsoft 365.
More than 8.2 million phishing emails targeted VIPs in 2025, representing over a quarter of all phishing activity that year.
32 million phishing emails were detected globally in 2025.
Large-text, long-form phishing messages increased from 27% to 33% year-over-year.
70% of phishing emails pass DMARC authentication.
41% of breached healthcare organizations fell into a high-risk category based on their email configuration, up from 31% in 2024.
170 email-related healthcare breaches occured in 2025.
Nearly one-third of all healthcare email incidents were attributed to vendor and business associate email exposure, making it the most frequent attack pattern.
Abuse of legitimate remote access tools increased by 900% by volume.
Credential phishing campaigns using .es domains increase 51 times year-over-year, with the .es top-level domain jumping from the 56th to the 3rd most-abused TLD.