Phishing
Cybersecurity statistics about phishing
Related Topics
Showing 61-80 of 389 results
Financial services (82.74%) was the top industry targeted by phishing attacks in Europe in 2025.
Novel social engineering phishing techniques increased from 32% to 38% year-over-year.
Financial services (68.45%) was the top industry targeted by phishing attacks globally in 2025.
More than 8.2 million phishing emails targeted VIPs in 2025, representing over a quarter of all phishing activity that year.
Large-text, long-form phishing messages increased from 27% to 33% year-over-year.
In 2025, phishing activity in the META region targeted internet services (52.49%), financial institutions (28.50%), and the logistics sector (11.20%).
32 million phishing emails were detected globally in 2025.
Across the META region, Internet and Financial services accounted for over 80% of phishing activity.
IT (38.24%) was the top industry targeted by phishing attacks in North America in 2025, followed by Financial Services (29.66%) and Internet Services (22.5%).
46% of SMBs saw AI-generated phishing in the past 12 months.
Financial services (94.24%) was the top industry targeted by phishing attacks in Central Asia in 2025.
Financial services (97.36%) was the top industry targeted by phishing attacks in LATAM in 2025.
QR code-based phishing attacks increased 28%, rising from 940,000 in 2024 to over 1.2 million in 2025.
More than 1.6 million phishing emails rely on newly created domains for malicious activity.
51% of organizations have faced sophisticated, personalized phishing emails powered by deepfake technology.
Conversational attacks comprise 18% of all malicious emails.
Abuse of legitimate remote access tools increased by 900% by volume.
In Q4 2025, callback phishing increased from 3% to 18% of all phishing incidents, a 500% spike.
Credential phishing campaigns using .es domains increase 51 times year-over-year, with the .es top-level domain jumping from the 56th to the 3rd most-abused TLD.
Approximately 17% of healthcare email breaches were the result of phishing-driven mailbox takeovers.