Phishing attacks are growing. And the latest phishing statistics prove this point. To help you stay informed about the current phishing threats, we have collected the key phishing attack statistics below.

Let’s dive in:

What Is a Phishing Attack?

A phishing attack is a social engineering attack where an attacker, posing as a trusted individual or organization, deceives a user into disclosing sensitive information or downloading a malware program onto their computer.

In phishing attacks, which account for 53% of total social attacks, threat actors frequently reach out to users through social media messages, emails, phone calls, or text messages.

Social Media Phishing Statistics

With social media users growing exponentially, cyber attackers are increasingly using social media for phishing attacks.

Here are important social media phishing statistics to consider:

Social media contributed to approximately 12% of total phishing attacks.

Though email is the top attack vector for phishing attempts, hackers are now turning to social media to run phishing campaigns. So, training your employees on social media phishing scams should be at the top of your cybersecurity priority list.

A significant percentage of companies have experienced social media attacks recently.

Hackers are increasingly using social media to attack companies. Therefore, you must implement a strict cybersecurity policy for social media usage in your company. Also, you should encourage your employees to avoid clicking phishing messages and phishing links in posts.

47% of social media users see more spam in their feeds.

Social media is becoming a favorite place for hackers to carry out cyber attacks. To avoid becoming a victim of social media phishing, you should:

Avoid clicking random links in messages
Ask yourself if someone would genuinely contact you this way on social media
Call the number of the person or organization to check the authenticity
Never share confidential details on social media

52% of all phishing attacks globally targeted LinkedIn during the first quarter.

LinkedIn is becoming a popular platform for hackers. According to a Check Point study, this ever-popular social networking platform experienced more than half of phishing attacks globally.

LinkedIn phishing messages make up 47% of social media phishing attacks.

LinkedIn phishing messages are on the rise. In these emails, hackers try to steal users’ LinkedIn account information. The stolen credentials are frequently exploited to carry out additional cyber crimes.

Phishing Email Statistics

Look at these recent phishing statistics to know how email plays a critical role in cyber attacks.

Spear phishing emails are the most popular phishing attack vector.

The number of targeted attacks is increasing. In fact, 65% of hacker groups use spear phishing as the primary infection vector. In spear phishing attacks, hackers gather company background information to exploit the human element. So, the best way to fight these spear phishing attacks is to be aware of them.

83% of organizations have recently faced a successful phishing attack (email-based).

Approximately 80% of companies have encountered email phishing. Utilizing the latest email analysis and detection tools enables you to identify and detect various types of email fraud, including business email compromise (BEC) attacks.

18% of clicked phishing emails come from a mobile device.

As the use of mobile devices for checking emails continues to rise, it’s not surprising that 18% of phishing emails are accessed on mobile phones. To protect yourself from mobile phishing, it’s important to carefully evaluate the apps you choose to install.

Here are additional email phishing stats from Global Phish Report:

1 of every 99 emails is a phishing attack.

1% of all emails you receive are phishing attacks, relying on malicious links and attachments as their main method of infection. Even more concerning, 25% of phishing emails manage to evade Office 365 security.

98% of emails containing a crypto wallet address are phishing.

Malicious emails are a leading cause of phishing. Most emails having crypto wallets are phishing. And 1 in 3 emails containing a link to a WordPress website is phishing.

So, it is imperative to use a secure email gateway to block malicious links and malicious attachments.

Website Phishing Scams Statistics

Online fraud incidents and phishing attempts present a significant threat to both businesses and individuals today. To safeguard your valuable data from potential breaches and ensure your credentials remain secure, it is essential to understand the risks associated with phishing.

Here are some key phishing facts you should know:

More than 1 million unique phishing sites have been detected in the first half of a recent year.

According to data from AtlasVPN, 1,228,816 unique phishing websites were detected in the first half of that year.

51% of phishing websites use .com as a top-level domain.

Around half of the phishing websites have .com as a top-level domain, making it a bit difficult to spot a phishing site.

29% of phishing sites use a brand name in the domain.

Branding phishing is growing. Around 3 in 10 phishing websites include a brand name in the domain. To spot a brand phishing website, you should check the spelling carefully. Most phishing attacks of this type use wrong spelling in URLs.

Facebook and Google lost millions of dollars in fraudulent invoices.

Evaldas Rimasauskas emailed fake invoices worth more than 100 million dollars to tech giants.

Brazil is the country most targeted by phishing attacks worldwide.

Brazil topped the list of countries most targeted by phishing attacks. France ranked second, followed by Portugal.

Financial Costs of Phishing Attacks

Successful phishing attacks can lead to data breaches, ransomware attacks, or other security incidents. So, needless to say, phishing attacks can cost you dearly.

Here are key findings from The Ponemon Cost of Phishing Study to help you learn about the financial loss a successful phishing attack can cause:

The average annual cost of phishing is $14.8 million.

Phishing attacks represent one of the most significant security threats that businesses encounter today. According to the Ponemon report, these successful phishing attacks lead to the loss of millions of dollars.

So, you should implement the latest security solutions like spam filters and train your employees to detect phishing messages and malicious email attachments.

Employee phishing awareness training can reduce the total average cost of phishing by 53%.

The best way to protect yourself from phishing or other social engineering attacks is to go through cybersecurity awareness training.

Get your team trained by security experts to recognize phishing emails, phishing websites, and malware threats. This training can greatly lower the expenses associated with a phishing attempt.

The average cost of employee productivity losses due to phishing attacks reached $3.2 million on a yearly basis.

Phishing attacks decrease employee productivity. Each employee spends an average of 7 hours annually viewing and possibly responding to phishing emails.

The total average cost of malware attacks caused by phishing reached $807,506.

Phishing causes an average of 15% of an organization’s malware infections. And the average cost of malware attacks caused by phishing is huge. So, you should proactively prevent phishing attacks.

The average cost of credential compromises caused by phishing reached $692,531.

When there are compromised credentials, businesses spend tech time investigating and responding to compromises. And tech time costs money, let alone the implications of compromised credentials.

What Percentage of People Get Phished?

Phishing is one of the most effective social engineering tactics. 20% of recipients click the phishing link. And 13% of recipients submit their credentials on phishing sites.

How Many Phishing Attacks Were There Recently?

Phishing attacks are on the rise. According to Dark Reading research, 69% of companies faced at least one phishing attack over the previous 12 months. There were 316,747 phishing attacks recorded in a specific month.

Which Industry Has the Highest Click Rates for Phishing?

Currently, the financial industry is the most targeted by phishing attacks, followed by SaaS/Webmail and retail/E-commerce. 23.6% of phishing attacks targeted the financial industry worldwide.

Image: Envato Elements

This article, “Phishing Statistics Small Businesses Should Know” was first published on Small Business Trends