Skip to main content

CYBERSTATS

Security Intelligence

HomeTopicsPhishing

Phishing

Email security statistics, phishing attack trends, user awareness metrics, and defense effectiveness data.

Related Topics

Email Security13Phishing Techniques9Email Attack6Scams6Consumer6Email Threats4

Top Vendors

KnowBe478VIPRE30Barracuda13Paubox10Dune10SicuraNext9

Showing 1-20 of 315 results

51% of organizations have faced sophisticated, personalized phishing emails powered by deepfake technology.

Ivanti2/14/2026
DeepfakeSocial Engineering

In Q4 2025, callback phishing increased from 3% to 18% of all phishing incidents, a 500% spike.

VIPRE Security Group2/9/2026
Callback PhishingEmail Security

82% of malicious files have unique hashes that traditional pattern-matching fails to detect.

Cofense2/9/2026
Malicious FilesThreat Detection

Credential phishing campaigns using .es domains increase 51 times year-over-year, with the .es top-level domain jumping from the 56th to the 3rd most-abused TLD.

Cofense2/9/2026
Domain AbuseCredential Theft

76% of initial infection URLs in abalyzed phishing attacks were unique and have not appeared in other campaigns across Cofense's customer base.

Cofense2/9/2026
Malicious URLsEmail Attack

Conversational attacks comprise 18% of all malicious emails.

Cofense2/9/2026
Email SecurityEmail Attack

Approximately 17% of healthcare email breaches were the result of phishing-driven mailbox takeovers.

Paubox2/9/2026
HealthcareEmail Security

In 2025, a malicious email attack occurs every 19 seconds, more than doubling from 2024’s pace of one every 42 seconds.

Cofense2/9/2026
Email SecurityEmail Attack

Abuse of legitimate remote access tools increased by 900% by volume.

Cofense2/9/2026
Remote Access ToolsEmail Security

Fifty percent of affected consumers cite immediate financial fraud as their primary fear, and 54 percent of consumers report an increase in targeted phishing attempts after a breach (2025)

Identity Theft Resource Center2/4/2026
Financial Fraud

Eighty-eight percent of consumers who received a data breach notice experience at least one negative consequence after a breach; 40 percent experience an increase in phishing or scam attempts; 49 percent experience an increase in spam emails or robocalls; 40 percent experience attempted takeover of an existing account (2025)

Identity Theft Resource Center2/4/2026
Consumer HarmSpam

77% of advanced email attacks failed SPF, DKIM, or DMARC authentication yet still reached inboxes.

StrongestLayer1/13/2026
Email SecurityEmail Threats

Approximately 45% of advanced email attacks showed indicators of AI assistance, projected to rise to 75–95% within the next 18 months

StrongestLayer1/13/2026
Email SecurityEmail Threats

77% of advanced email attacks impersonated business-critical brands such as DocuSign, Microsoft, and Google.

StrongestLayer1/13/2026
Email SecurityDocuSign

Clicks on phishing links decreased by 27%, from 119 per 10,000 users last year to 87 per 10,000 users this year.

Netskope1/13/2026
Phishing LinksUser Behavior

In 2025, attacks bypassing multifactor authentication (MFA) were reported in 48% of phishing attacks.

Barracuda1/13/2026
MFAMFA Bypass

In 2025, malicious QR codes were observed in 19% of phishing attacks.

Barracuda1/13/2026
QR CodesPhishing Techniques

In 2025, obfuscations to hide URLs from detection were seen in 48% of phishing attacks.

Barracuda1/13/2026
Phishing TechniquesObfuscation

The number of known phishing kits doubled during 2025, reaching a significant increase in active use.

Barracuda1/13/2026
Phishing Kits

In 2025, 'ClickFix' social engineering techniques were used in 1% of phishing attacks.

Barracuda1/13/2026
Phishing TechniquesSocial Engineering