Skip to main content
HomeTopicsEmail Security

Email Security

We've curated 92 cybersecurity statistics about Email security to help you understand how phishing attacks, malware, and advanced authentication practices are evolving in 2025, ensuring your communications remain safe from emerging threats.

Showing 41-60 of 92 results

76% of initial infection URLs in abalyzed phishing attacks were unique and have not appeared in other campaigns across Cofense's customer base.

Cofense2/9/2026
PhishingMalicious URLs

Conversational attacks comprise 18% of all malicious emails.

Cofense2/9/2026
PhishingEmail Attack

Stolen login credentials led to the most damaging email-related healthcare breaches in 2025, exposing more than 630,000 patient records.

Paubox2/9/2026
HealthcareEmail Attack

Impersonation made up 82% of all BEC incidents in Q4 2025.

VIPRE Security Group2/9/2026
ImpersonationBusiness Email Compromise

In 2025, a malicious email attack occurs every 19 seconds, more than doubling from 2024’s pace of one every 42 seconds.

Cofense2/9/2026
PhishingEmail Attack

Diversion tactics (fraudulent invoices, fake payroll requests) accounted for 18% of BEC incidents in Q4 2025.

VIPRE Security Group2/9/2026
Business Email CompromiseBEC

In Q4 2025, Business Email Compromise accounted for 51% of all email fraud cases.

VIPRE Security Group2/9/2026
Business Email CompromiseBEC

In Q4 2025, callback phishing increased from 3% to 18% of all phishing incidents, a 500% spike.

VIPRE Security Group2/9/2026
PhishingCallback Phishing

In Q4 2025, CEOs and senior executives accounted for 50% of impersonation-based BEC emails and 41% of total BEC incidents.

VIPRE Security Group2/9/2026
Executive TargetingImpersonation

Less than one-fifth of total healthcare email incidents involved identity abuse via stolen credentials, yet these remained the most damaging type of attack.

Paubox2/9/2026
HealthcareIdentity Abuse

Approximately 17% of healthcare email breaches were the result of phishing-driven mailbox takeovers.

Paubox2/9/2026
HealthcareEmail Attack

DocuSign accounted for more than 20% of all advanced email attacks analyzed.

StrongestLayer1/13/2026
Email ThreatsDocuSign

77% of advanced email attacks impersonated business-critical brands such as DocuSign, Microsoft, and Google.

StrongestLayer1/13/2026
PhishingDocuSign

100% of advanced email threats bypassed incumbent email security, including Microsoft E3/E5 and leading secure email gateways.

StrongestLayer1/13/2026
Email ThreatsEmail Gateway

77% of advanced email attacks failed SPF, DKIM, or DMARC authentication yet still reached inboxes.

StrongestLayer1/13/2026
Email ThreatsPhishing

Approximately 3 million email addresses in the healthcare sector may be at risk of exposure to cyberattacks due to unverified email delivery practices.

Paubox1/13/2026
Healthcare

Approximately 4.5% of outbound healthcare email connections were delivered to servers with expired or self-signed certificates.

Paubox1/13/2026
Healthcare

Approximately 45% of advanced email attacks showed indicators of AI assistance, projected to rise to 75–95% within the next 18 months

StrongestLayer1/13/2026
Email ThreatsAI

68.8% of healthcare organizations analyzed had a 'Medium Risk' email security posture.

Paubox12/14/2025
Email BreachHealthcare

31.1% of healthcare organizations analyzed had a 'High Risk' email security posture.

Paubox12/14/2025
Email BreachHealthcare