Remember the old scam emails from a “Nigerian prince” promising millions if you just handed over your bank details? Well, they have evolved into something more like a chameleon: hard to spot and able to fool almost anyone these days.
Almost everyone is at risk of falling victim to phishing attacks. It’s a startling reality that, with the click of a link, anyone—from the tech-savvy to the average internet user—can unwittingly give cybercriminals access to their most private information. This article will shed light on just how widespread phishing has become and the evolving tactics these digital predators use.
From the staggering number of malicious emails sent daily to the sophisticated impersonation of trusted brands, we’ll navigate through the key statistics that paint a clear picture of the phishing threats looming in our inbox and beyond. Whether it’s a seemingly innocent email from a well-known company or a cleverly disguised request for information, understanding these risks is the first step in safeguarding our digital lives.
Could that salary increase email asking for your bank details really be from your boss? As much as I really hope that it’s real, I’d think twice before clicking. Attackers are after your credentials, and they’re using cutting-edge technologies like AI to get them. Let’s see why.
Editor’s Picks: Top Phishing Attack Statistics
First, let’s learn more about the threat that phishing poses.
- According to GreatHorn, 57% of organizations experience phishing attempts on a weekly or daily basis.
- Almost 1.2% of all emails sent are malicious, amounting to approximately 3.4 billion phishing emails each day.
- In 74% of breaches, human factors played a role, encompassing social engineering tactics, mistakes, or misuse.
- IBM identifies phishing as the leading initial attack vector, responsible for 41% of incidents.
- CSO Online notes that more than 80% of reported security incidents are due to phishing.
- CSO Online also reports a loss of $17,700 every minute due to phishing attacks.
Phishing Attack Trends
In the second quarter of 2023, over 23% of phishing attacks around the world were aimed at financial institutions. Close behind, social media platforms were targeted by about 22.3% of phishing attempts. Similarly, web-based software services and webmail also accounted for 22.3% of the attacks.
A Phishing Threats Report, drawing key trends from about 13 billion emails analyzed by Cloudflare over a year, highlights several findings. For instance:
- Businesses are more exposed to multi-channel phishing, which goes after users across more than just email.
- Deceptive links emerged as the top phishing strategy, making up almost 36% of the threats.
- Predominantly, attackers impersonated a small group of 20 renowned brands, including Microsoft, Google, Salesforce, and Amazon, to carry out their schemes.
- 35% of ransomware attacks come through email.
- There’s a noticeable increase in identity deception threats, with millions successfully bypassing email authentication methods like SPF, DKIM, and DMARC.
AI Usage in Phishing Attacks
According to the 2023 Phishing Report from Zscaler’s ThreatLabz, the swift advancement and adoption of AI-powered software is set to enable phishing attempts that are nearly impossible to detect, because AI-generation tools are becoming increasingly capable of producing content that sounds convincingly human. There’s also a financial incentive to steal your credentials: CrowdStrike has uncovered a market for stolen identities. Access brokers are advertising valid credentials on the dark web, and the volume of ads is increasing significantly.
- AI technologies, including tools similar to ChatGPT, have the potential to create polymorphic malware and other types of malicious code, as well as counterfeit login pages, with little to no input or coding knowledge required from the user.
- According to Cofense, there’s an expected rise in TrickBot activity in 2024, with new trends in how this malware is delivered. Organizations are likely to see an uptick in campaigns that utilize CHM and LNK files as methods for distributing TrickBot.
- Additionally, Cofense anticipates the arrival of new, cost-effective malware downloaders on the market. The current high prices of malware downloaders are paving the way for more affordable options, which could significantly impact the phishing landscape by making malicious software more accessible.
Most Common Phishing Attack Targets
- 51.7% of the time, email attackers pretend to be one of the top 20 global brands, with Microsoft being the most common impersonation.
- 26% of phishing attacks targeted public-facing applications, as reported by IBM.
- Phishing attacks are responsible for 36% of all data breaches in the US.
- Furthermore, every year, 83% of organizations fall victim to at least one phishing attack.
- The third quarter of 2023 saw a significant surge in phishing and malware attacks. The number of phishing incidents increased by 173% from the previous quarter, jumping from 180.4 million to 493.2 million.
- Similarly, malware encounters experienced a sharp 110% increase, with the volume of emails reaching 125.7 million, up from the 60 million reported in the second quarter.
- Additionally, Facebook was used in more phishing URLs than the next seven most frequently impersonated brands combined, with a tally of 16,657 versus 16,432.
- According to Verizon’s report, 83% of security breaches were carried out by individuals outside of the targeted organization, with the main drive behind these attacks being financial gain.
- 50% of all social engineering attacks were instances of pretexting, showing a significant increase to almost twice the amount recorded in the previous year.
Causes of Phishing Attacks
According to the Verizon Data Breach Investigations Report (DBIR) for 2023:
- Negligence is the leading cause of breaches, observed in 98% of cases, making it the most prevalent error type.
- Breaches involving stolen credentials were part of 86% of cases.
- Misdelivery, or sending information to the incorrect recipient, contributed to 43% of errors leading to breaches.
- Social engineering was involved in 17% of breaches and 10% of incidents.
- Data breaches led to a financial loss of $26,000 in 7% of cases on average, which is over double the FBI’s previously reported average loss of $11,500 in 2021.
- Ransomware was a factor in 24% of breaches.
- The motivation behind 95% of data breaches was financial.
- The human element played a role in 74% of breaches.
Phishing Attack Frequency Statistics
Phishing attacks are alarmingly common in cybercrime, with several findings underscoring their widespread impact:
- Research indicates that an average of 31,000 phishing attacks are dispatched daily.
- Nearly 50% of the cybersecurity experts surveyed have encountered a BEC attack, and 77% have been the targets of phishing attacks.
- The Anti-Phishing Working Group (APWG) identified 1.3 million unique phishing sites in the final quarter of 2022 alone, marking a record high.
- The Verizon 2023 Data Breach Investigations Report (DBIR) reveals that phishing is implicated in 36% of all data breaches.
- DataProt notes that a new phishing website emerges every 20 seconds on average.
- According to a report by Digital Guardian, 90% of security breaches in corporations stem from phishing attempts.
- Capturing login details is a primary goal of phishing. IBM’s Cost of a Data Breach Report highlights that compromised credentials are the leading cause of data breaches, being instrumental in 19% of cyber attacks.
- Phishing stands as the foremost method of cybercrime, with estimates suggesting that 3.4 billion malicious emails are dispatched daily.
- Phishing is the second most frequent cause of data breaches.
- Verizon points out that phishing is among the top four strategies for cybercriminals to infiltrate an organization, constituting over 60% of all social engineering attacks.
Most Impersonated Brands for Phishing
51.7% of the time, email attackers impersonated one of 20 global brands. Microsoft was the number 1 choice.
- Microsoft
- World Health Organization
- SpaceX
- Salesforce
- Apple
- Amazon
- T-Mobile
- YouTube
- MasterCard
- Notion.so
- Comcast
- LinePay
Source: Cloudflare
Most Popular Phishing Attack Methods
Cybercriminals are continuously refining their techniques, yet being informed can significantly mitigate the risk of falling victim to their schemes. CrowdStrike, a JumpCloud partner, has found that interactive intrusions, where a human is behind a keyboard, increased by 60% in 2023. 75% of the attacks that gained access didn’t involve malware. “Adversaries are moving away from malware and malicious attachments, and toward more subtle and effective methods such as credential phishing, password spraying and social engineering,” it wrote in a summary of its 2024 Global Threat Report.
The primary targets and strategies used by attackers include:
- Email is the method of choice for delivering 94% of malware.
- Cybercriminals are now utilizing generative AI tools like ChatGPT to craft complex and targeted business email compromise (BEC) and phishing messages.
- The largest group targeted by phishing are webmail and Software as a Service (SaaS) users, making up 34.7% of phishing attempts.
- In the first quarter of 2022, the Anti-Phishing Working Group (APWG) reported 1,025,968 phishing attacks.
- Attacks aimed at social media platforms accounted for 12.5% of all phishing attempts in Q1 of 2022, showing an increase from 8.5% in the last quarter of 2021.
- The most frequently compromised assets in breaches are web applications and email servers.
- Approximately 65% of cyber attackers use spear phishing emails as their main method of attack.
- As of 2021, nearly 40% of breaches involved phishing, about 22% were due to hacking, and 11% included malware.
Most Common Phishing Attack Channels
- Email is the most frequently mentioned channel for receiving spam, with nearly half of the respondents (49%) indicating they receive spam emails most often.
- This is followed by phone calls, which 26.5% of people identified as a common source of spam.
- Text messages are next, with 14.7% of respondents reporting spam through this medium. Messaging apps such as WhatsApp and Facebook Messenger are reported as the least common sources, with only 9.8% of people receiving spam through these platforms.
Effectiveness of Phishing Attack Prevention Methods
Email authentication methods, like SPF, DKIM, and DMARC, are highlighted for their effectiveness against such brand impersonation. These standards are crucial for verifying the origins of servers and tenants, ensuring the integrity of messages, enforcing policies, and offering additional protections.
Despite the use of email authentication techniques, attackers have still managed to circumvent these measures to deceive email systems. In fact, it has been observed that 89% of unwanted emails were able to “pass” through SPF, DKIM, and/or DMARC checks, indicating these methods are not foolproof against sophisticated phishing attempts.
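A "pass" from SPF, DKIM, or DMARC only shows that the sending domain authorized the message, not that the domain belongs to the brand it imitates. The added example below (not from the original article) reads the `Authentication-Results` header and flags mail that passes authentication while using a lookalike of a protected brand; the brand list, the similarity threshold, and the sample messages are assumptions constructed for illustration.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# Assumed protected-brand list (illustrative; a real deployment maintains its own).
BRAND_DOMAINS = {"microsoft.com", "salesforce.com", "amazon.com"}
AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.I)

def auth_results(msg):
    """Collect spf/dkim/dmarc verdicts. Only trust headers stamped by your own MTA."""
    found = {}
    for header in msg.get_all("Authentication-Results", []):
        for method, result in AUTH_RE.findall(header):
            found[method.lower()] = result.lower()
    return found

def lookalike_of(domain, threshold=0.8):
    """Return the brand domain this sender imitates, or None if genuine/unrelated."""
    if any(domain == b or domain.endswith("." + b) for b in BRAND_DOMAINS):
        return None  # the brand's own domain or a subdomain of it
    # Naive label extraction: no public-suffix list is consulted.
    label = domain.split(".")[-2] if "." in domain else domain
    for brand in sorted(BRAND_DOMAINS):
        if SequenceMatcher(None, label, brand.split(".")[0]).ratio() >= threshold:
            return brand
    return None

def assess(raw):
    """Classify one raw message by authentication verdict and sender similarity."""
    msg = message_from_string(raw)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if auth_results(msg).get("dmarc") != "pass":
        return "auth-failed"
    brand = lookalike_of(domain)
    return f"passes-auth-but-imitates:{brand}" if brand else "passes-auth"

def sample(from_addr, dmarc="pass"):
    """Constructed message with headers as a receiving MTA might stamp them."""
    d = from_addr.rpartition("@")[2]
    return (f"Authentication-Results: mx.receiver.example; spf=pass smtp.mailfrom={d}; "
            f"dkim=pass header.d={d}; dmarc={dmarc} header.from={d}\n"
            f"From: Microsoft Account Team <{from_addr}>\n"
            "Subject: Action required\n\nbody\n")

if __name__ == "__main__":
    for addr in ("security@micros0ft.example", "security@microsoft.com"):
        print(addr, "->", assess(sample(addr)))
```

The lookalike domain is fully authenticated because its owner published valid records for it, which is why authentication results need to be paired with sender-reputation or brand-similarity checks.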
Phishing Attack Statistics By Country
The United States is the top sender of spam emails, dispatching 8 billion spam emails daily, which ranks it as the highest among all countries in terms of total spam emails sent. France comes in second, with 7.3 billion spam emails sent each day, while Germany and Russia are closely behind, each with a daily total of 7.1 billion spam emails.
| Country | Spam Emails Sent Per Day (Billions) |
| --- | --- |
| United States | 8 |
| France | 7.3 |
| Germany | 7.1 |
| Russia | 7.1 |
| Canada | 7 |
| China | 7 |
| Bulgaria | 6.9 |
| Romania | 6.8 |
| United Kingdom | 6.7 |
| Japan | 6.5 |
Protect Your Credentials
JumpCloud combines cross-OS device management with multi-factor authentication and the option for phishing-resistant access control with JumpCloud Go™ and conditional access rules. There’s also a password manager available for instances where single sign-on isn’t an option.
These technologies work to reduce the risk of credential theft while increasing IT efficiency through streamlined application, device, and user management. You can try JumpCloud for free to determine if it’s right for your organization.
Our customers tell us that asset management is also important for security and IT operations. JumpCloud is enhancing its platform to unify SaaS, IT security, and asset management.