Phishing
Cybersecurity statistics about phishing
Related Topics
Showing 281-300 of 389 results
From 2024 to 2025, the general trend of around one-third of employees clicking on a simulated phishing link before training remained fairly consistent.
Across different regions, the highest baseline PPPs were found in South America (39.1%), North America (37.1%), and Australia and New Zealand (36.8%).
Security training reduces global phishing click rates by 86%.
Organizations with 10,000+ employees showed a global baseline PPP of 40.5%.
In organizations of 1,000-9,999 employees, three sectors achieved PPP improvement rates of 91% after 12 months of ongoing training: Healthcare & Pharmaceuticals, Hospitality, and Legal.
There has been a 3.5% decrease in the global baseline PPP within a year (from 2024 to 2025), highlighting a positive shift in overall security awareness worldwide.
The global PPP fell by a total of 86% after 12 months of ongoing security training.
Organizations with 1-250 employees had a global baseline PPP of 24.6%.
59% of financial professionals cite SMS and phishing scams powered by AI to deceive victims.
AI-driven attacks now occur as frequently as phishing, placing AI firmly among the top three cybersecurity threats.
Top concerns for CIOs regarding cybersecurity risk include: Malware and ransomware (42%), data breaches (37%), AI-driven attacks (34%), and phishing (33%).
49.7% of clicked phishing simulations mentioned HR.
Internal communications are a significant driver of phishing failures. Emails impersonating internal teams, particularly HR and IT, received the most failures in phishing simulations.
68.6% of clicked links involved domain spoofing.
Link usage accounted for 75% of phishing attempts in Q1 2024.
Smishing has rapidly grown to comprise over two-thirds of mobile phishing attacks. Specifically, SMS/text based phishing (Smishing) is now 69.3% of all mishing attacks.
The top three QR codes scanned in simulations related to: A new drug and alcohol policy from HR (14.7%), A DocuSign for review and signing (13.7%), A Workday happy birthday message (12.7%).
Link usage dropped by 42% in Q1 2025 compared to Q1 2024.
Over 60% of top-clicked phishing emails were related to HR and IT.
In attachment-based campaigns, people were most likely to open certain file types: PDFs (53%), HTML files (28.5%), Word files (18.5%).