Only 5% of known phishing attacks are reported to healthcare security teams.

89% of financial organisations expressed concern about AI-powered phishing attacks.

iOS devices are exposed to twice as many phishing attacks compared to Android.

In 2024, the percentage of Android users targeted by phishing attacks was 12%.

APAC had the highest global phishing encounter rates, followed by EMEA and North America.

26% of iOS devices were targeted by threat actors with phishing attacks in 2024.

SpyCloud recaptured over 1.7 million phished records between the ONNX and Caffeine PhaaS platforms in the second half of 2024.

64% of the phished records contained location data, mostly in the form of IP addresses.

97% of the phished records SpyCloud collected in 2024 contain at least one email address.

About half of the recaptured phished data included specific city or postal code information.

70% of UK firms have experienced phishing attempts.

Steam leads the list of the most impersonated brands in phishing scams.

Guardio detected a 604% increase in toll-related scam texts since the beginning of the year.

Three toll collection services, SunPass, E-ZPass, and EZDrive Massachusetts, appeared in the top 10 most targeted brands by cybercriminals.

Scammers are taking advantage of the wave of store closures, including Joann and Forever 21, to create fake 'going out of business' sales.

The top 10 most imitated brands in Q1 2025 are: Steam, Microsoft, Facebook/Meta, Roblox, SunPass, E-ZPass, USPS, EZDrive Massachusetts, Netflix, and WeTransfer.

SEG miss rates range from 38.4 to 101 phishing emails per 100 mailboxes monthly.

49% of SMBs believe AI will be most useful in flagging phishing emails and texts.

Each missed phishing email takes 27.5 minutes of analyst time

Over 65% of missed phishing emails across SEGs are vendor scams and credential theft.