Phishing statistics you need to know to protect your organization

Phishing statistic

Phishing statistics you need to know to protect your organization

2017 was a significant year regarding cyber-attacks. These attacks brought losses resulting in hundreds of millions of dollars at a global level.  Since they have grown, it has been critical for businesses to evaluate and see the risks with facts and figures. Therefore we have gathered some phishing statistics and information on their impact.

  1. Phishing is the first delivery method for other types of malicious software. A phishing attack isn’t just targeted at gaining information. Phishing attacks can also be used to distribute malicious programs, such as ransomware. Email attachments are still the main method of delivery for malicious programs. 1
  2. 97% of users cannot identify a sophisticated phishing email. 2
  3. According to the SANS Institute, 95% of all attacks on enterprise networks are the result of successful spear phishing. 3
  4. According to Keepnet Labs 2017 Trends Report, employees in departments that handle large-scale data have problems in recognising phishing emails. 4
  5. Only 3% of users report phishing emails to their management.5
  6. A single spear phishing attack costs an average of $1.6 million. 6
  7. According to the 2018 Verizon Data Breach Investigations Report, 30% of phishing messages are opened by targeted users, and 12% of those users click on the malicious attachment or link.7
  8. 85% of organisations have suffered from phishing attacks. These attacks are everywhere, and most organisations will encounter them at one point or another. 8
  9. According to Symantec, phishing rates have increased across most industries and organisation sizes; no company or vertical is immune. 9
  10. According to  Lookout, Phishing is both different and more problematic on the mobile device. 10
  11. According to a report by Wandera 81%, mobile phishing attacks were initiated outside of email.  11
  12. According to the Webroot Threat Report, nearly 1.5 million new phishing sites are created each month.12
  13. The number of phishing emails containing a form of ransomware grew to 97.25% since 2016. 13
  14. According to FAU researchers, 78% of people claim to be aware of the risks of unknown links in emails. And yet they click anyway. 14

Phishing attacks are trending upwards since many enterprises encounter phishing attacks every day. A single phishing attack can cost a company millions of dollars. Therefore by seeing these facts, users should work to deepen their security awareness by familiarising themselves with the signs of phishing attacks. It is also critical for businesses to evaluate their employees’ action against phishing attacks with statistical values. They should make phishing simulations regularly to see employees’ behaviour.

One click enough to start threat simulation

No installation, no configuration or permission needed!

  1. https://www.cwps.com/blog/7-startling-phishing-attack-statistics
  2. https://www.cwps.com/blog/7-startling-phishing-attack-statistics
  3. https://securityintelligence.com/improving-your-security-awareness-campaigns-examples-from-behavioral-science/
  4. https://www.keepnetlabs.com/phishing-trends-report/
  5. https://www.cwps.com/blog/7-startling-phishing-attack-statistics
  6. https://www.cwps.com/blog/7-startling-phishing-attack-statistics
  7. https://www.verizonenterprise.com/verizon-insights-lab/dbir/
  8. https://www.cwps.com/blog/7-startling-phishing-attack-statistics
  9. https://www.symantec.com/connect/blogs/latest-intelligence-june-2017
  10. https://info.lookout.com/rs/051-ESQ-475/images/Lookout-Phishing-wp-us.pdf
  11. https://www.wandera.com/blog/mobile-phishing-security-risk/
  12. https://www.webroot.com/us/en/about/press-room/releases/nearly-15-million-new-phishing-sites
  13. https://blog.barkly.com/cyber-security-statistics-2017
  14. https://www.fau.eu/2016/08/25/news/research/one-in-two-users-click-on-links-from-unknown-senders/

Share this post