Phishing
Cybersecurity statistics about phishing
Related Topics
Showing 1-20 of 389 results
60% of UK cybersecurity professionals say threats are already moving beyond email
66% of UK cybersecurity professionals believe employees are more likely to trust messages received through internal collaboration platforms
62% of cybersecurity professionals are seeing attacks move beyond email
54% of UK cybersecurity professionals consider traditional phishing emails the biggest threat to their organization
45% of organizations cite reducing phishing and credential-based breach risk as the leading driver for moving to passwordless authentication.
76% of organizations reported phishing as an intrusion.
Manus AI accounted for 15.6% of attributed AI site builders, Blackbox AI accounted for 14.3%, and Anything AI accounted for 9.8% of attributed builders.
52,185 threats were hosted on domains that enterprise security stacks are configured to trust, including Google Drive, Dropbox, and SharePoint.
One in five phishing links clicked by users went completely undetected by legacy URL filtering.
Services industry phishing hits surged 65.5% year-over-year from 330.9 million to 547.7 million hits.
Phishing activity declined by approximately 20% year-over-year in both 2024 and 2025.
95.2% of phishing activity is delivered over encrypted channels.
Security teams remediate phishing incidents 16% faster but spend 9% more of their annual hours remediating phishing.
20% of IT and security professionals expect phishing to get easier to deal with in the next 12 months.
Phishing costs $51,948 per security analyst annually, a 13.6% increase from $45,726 in 2022.
40% of IT and security professionals expect phishing attack volume, speed, and evasiveness to worsen over the next 12 months.
Phishing accounts for 44% of AI-assisted initial access attempts.
Across the period studied, the use of AI for account discovery rose 8.9% while AI-assisted phishing falls 8.6%.
50% of organizations rate phishing as a high or extreme threat, up from 33% in 2022.
AI-powered defenses reduce per-incident phishing handling time by 16% (from 27.5 minutes to 23.2 minutes) and reduce cost per phishing email by 12% (from $31.32 to $27.51).