Skip to main content
HomeTopicsPhishing

Phishing

Cybersecurity statistics about phishing

Showing 361-380 of 389 results

76.4% of all phishing campaigns now use polymorphic phishing tactics.

KnowBe43/20/2025
PhishingPolymorphic

In 2024, there was a 47% increase in phishing emails evading detection by Microsoft’s native security and secure email gateways.

KnowBe43/20/2025
PhishingEvasion

82.6% of all phishing emails analysed exhibited some use of AI.

KnowBe43/20/2025
PhishingAI

25.9% of phishing emails between September 15, 2024 and February 14, 2025 contained attachments.

KnowBe43/20/2025

Of 512 job application-related phishing emails, attackers targeted engineering (64%) roles, followed by finance (12%), HR (10%), IT (10%), product (2%), and others (2%).

KnowBe43/20/2025

20% of phishing emails between September 15, 2024 and February 14, 2025 relied solely on social engineering.

KnowBe43/20/2025
PhishingSocial engineering

Cybercriminals created nearly 1 million new phishing sites each month in 2024. This represents a 700% increase since 2020.

Menlo Security3/19/2025

75% of phishing links are hosted on good, trusted websites.

Menlo Security3/19/2025

Phishing attacks hosted on subdomain providers increased by 51% in 2024, representing 24% of all phishing attacks.

Menlo Security3/19/2025

Cybercriminals created nearly 1 million new phishing sites each month in 2024. This represents a 700% increase since 2020.

Menlo Security3/19/2025

There has been a 140% increase in browser-based phishing attacks in 2024 compared to 2023.

Menlo Security3/19/2025
PhishingBrowser-based phishing

Nearly 51% of browser-based phishing attempts involved some form of brand impersonation in 2024.

Menlo Security3/19/2025
PhishingBrand impersonation

There is up to six days as the average window of exposure before legacy security tools begin blocking pages from zero-hour phishing attacks.

Menlo Security3/19/2025
PhishingZero-hour phishing

Four of the top five hosting providers used by bad actors to host phishing attacks were based in the U.S. in 2024.

Menlo Security3/19/2025
PhishingUS

Solara Medical Supplies' $9.76 million settlement was due to a phishing-related breach affecting 114,000 patient records.

Paubox 3/13/2025
Data breachPhishing

It takes only another 28 seconds to enter the data after clicking a malicious link.

KnowBe43/1/2025
PhishingEducation

More than 20% of users identified and reported phishing per engagement, including 11% of the users who did click the email.

KnowBe43/1/2025

The median time to click on a malicious link after the email is opened is 21 seconds.

KnowBe43/1/2025
PhishingEducation

For medium sized organisations, the average Phish Prone Percentage PPP after one year of sustained training dropped to 5.2%.

KnowBe43/1/2025
PhishingEducation

After one year or more of sustained training, the average Phish Prone Percentage (PPP) for small institutions dropped dramatically to 3.9%.

KnowBe43/1/2025
PhishingEducation