Only half of small healthcare practices have phishing or spoofing protection enabled.

Phishing attacks now account for over 70% of healthcare data breaches as of 2024.

Salud Family Health had a phishing attack exposing 80,000+ records.

About 50% of small healthcare organisations lack anti-phishing controls beyond default spam filters.

43% of small healthcare organisations reported experiencing a phishing or spoofing incident in the past year.

Solara Medical faced a $9.76 million class-action settlement following a phishing attack.

Analysis of suspected phishing emails revealed that only 16% were genuinely malicious.

50% of law firms cited phishing as the top cybersecurity concern, a new category this year, surpassing ransomware and user behavior.

The Manufacturing sector was the prime target for email-based attacks in Q2 2025, accounting for 26% of all incidents.

Lumma Stealer is the most encountered malware family found in the wild during Q2 and is often delivered via malicious .docx, .html, or .pdf attachments, or through phishing links hosted on compromised or legitimate-looking cloud services such as OneDrive, and Google Drive.

Impersonation is the most common technique in BEC scams, with 82% of attempts targeting CEOs and executives.

Package delivery messages account for 5% in phishing emails.

Compromised websites are the second most prevalent link delivery method, at 30%.

Healthcare was the third most targeted sector for email-based attacks in Q2 2025, accounting for 19% of attacks.

Among the unidentifiable phishing kits used by phishing sites, Tycoon 2FA accounts for 10%.

For Business Email Compromise (BEC) attacks, English-speaking executives remain the most targeted at 42%.

Retail was the second most targeted sector for email-based attacks in Q2 2025, accounting for 20% of attacks.

Among the unidentifiable phishing kits used by phishing sites, other generic kits account for 5%.

Legal or HR notices account for 5% in phishing emails.

After CEOs and executives, the remaining BEC impersonation efforts are aimed at directors and managers (9%), HR personnel (4%), IT staff (3%), and school heads (2%).