In 2024, over 193,000 individuals in the United States reported encountering phishing attacks. This figure had decreased compared to the previous year, when the number of phishing attacks nationwide amounted to nearly 300,000. However, in 2020 and 2019, this number was relatively low, around 241 thousand and 114 thousand, respectively.

In December 2023, around 9.45 million phishing e-mails were detected worldwide, up from 5.59 million in September 2023. This figure has seen a continuous increase since January 2022. It is partially associated with the launch of ChatGPT in November 2022.

Surveys of working adults and IT security professionals worldwide conducted in 2021 and 2023 found that the share of organizations experiencing severe consequences due to a successful cyber attack had declined. In 2023, the share of enterprises experiencing a breach of customer or client data was 29 percent, down from 44 percent in 2022. Ransomware infections that occurred through e-mail were common for 32 percent of the respondents in 2023. Cases of a credential or account compromise occurred in 27 percent of the organizations in 2023, a decrease of 25 percent compared to the year prior.

In 2023, users in Vietnam were most frequently targeted by phishing attacks. The phishing attack rate among internet users in the country was ***** percent. In the examined year, Peru was the second region, with an attack rate of nearly ** percent, while Taiwan followed with ***** percent.

As of December 2023, Indonesia recorded around ***** of phishing attacks, an increase compared to the previous month. From the first quarter to the fourth quarter of 2023, the highest number of phishing attacks happened in February, amounted to around more than ** thousand cases.

In 2024, the most common type of cybercrime reported to the United States internet Crime Complaint Center was phishing, with its variation, spoofing, affecting approximately 193,000 individuals. In addition, over 86,000 cases of extortion were reported to the IC3 during that year. Dynamic of phishing attacks Over the past few years, phishing attacks have increased significantly. In 2024, over 193,000 individuals fell victim to such attacks. The highest number of phishing scam victims since 2018 was recorded in 2021, approximately 324 thousand.Phishing attacks can take many shapes. Bulk phishing, smishing, and business e-mail compromise (BEC) are the most common types. With the recent development of generative AI, it has become easier to craft a believable phishing e-mail. This is currently among the top concerns of organizations leaders. Impact of phishing attacks Among the most targeted industries by cybercriminals are healthcare, financial, manufacturing, and education institutions. An observation carried out in the fourth quarter of 2024 found that software-as-a-service (SaaS) and webmail was most likely to encounter phishing attacks. According to the reports, almost a quarter of them stated being targeted by a phishing scam in the measured period.

In the 4th quarter of 2024, over 989,000 unique phishing attacks were detected worldwide, representing a slight increase from the preceding quarter. By far, the number of unique phishing sites has seen the most significant jump between the second and the third quarters of 2020, from nearly 147,000 to approximately 572,000. This figure is based on the number of the unique base URLs of the phishing sites.

In 2023, around 27.32 percent of total phishing attacks worldwide targeted financial institutions, down from 36.3 percent in 2022. Among the organizations attacked by financial phishing, web services were the most targeted, with more than 24 percent of phishing attacks involving them.

As of the fourth quarter of 2023, the majority of phishing attacks in Indonesia were targeted on social media platforms, reaching ***** percent. It was followed by financial institution platforms, with a share of about ***** percent.

In 2023, web services were targeted most by phishing attacks. They accounted for over ** percent of financial phishing attacks worldwide. Delivery company ranked second with nearly ** percent, while Global internet portals followed with ***** percent of the phishing attacks in the examined year.

In the second quarter of 2023, smartphone users in North America encountered around ***** thousand phishing and malicious attempts worldwide, making it the region with the highest number of such incidents. Europe ranked second, with more than *** thousand phishing and malicious attempts.

A 2022 survey of working adults and IT professionals worldwide revealed that bulk phishing attacks were the most common cyber incidents experienced by ** percent of organizations in 2022. Spear phishing ranked second, with ***** in **** respondents stating having encountered such incidents during the same year. Overall, between 2021 and 2022, there has been a decrease in the most common types of attacks.

Phishing, ransomware, and business malware have been the most widespread types of cyberattacks in the United States, resulting in data compromises. In 2024, 455 cases of phishing and its variations were detected. Ransomware followed in the second place, with 188 attacks.

In 2023, half of the social engineering attacks worldwide were scams, making it the most common type of cyberattack in this category. Phishing ranked second, with **** percent of the attacks, while business e-mail compromise (BEC) made up nearly ** percent of the total spear-phishing attacks.

In 2023, approximately ** percent of phishing sites used a top-level domain (TLD) of .com. Meanwhile, .club was the second most used top-level domain. This was used by about **** percent of phishing sites. The domain .top followed, with nearly **** percent of phishing attacks using it.

The number of phishing attacks in 2023 in Romania peaked in April, totaling ****** cyber attacks, which accounted for half of all phishing attacks in that year. By contrast, in December the number of phishing crimes was *****.

In 2023, Amazon was the most commonly impersonated online shopping brand in financial phishing attacks targeting global online shoppers. Phishing attacks impersonating Amazon made up approximately 34 percent of all online financial phishing attacks in the examined year. Apple was the second-most abused brand name, with scammers impersonating the popular tech company in approximately 18.66 percent of the global phishing attacks targeting online users.

In 2023, the most common cause or delivery of cyber attacks in the United States was Unpatched vulnerability, encountered by 23 percent of companies nationwide. Root cause unknown was the second most common origin of cyber attacks, with 22 percent of the attacks. Phishing and various types of human error were also likely to cause a cyber attack in the examined year.

As of January 2023, phishing, spear phishing, or smishing were the most common types of cyberattacks in France, with around *** in ** companies encountering it. The exploitation of a vulnerability ranked second, with ** percent. The third most common cyberattack was denial-of-service attack (DOS), detected by ** percent of the respondents.

In 2023, there were around ****** victims of phishing scams or fraud in South Korea. This was a decrease of around three percent compared to the previous year. During the period of consideration, the number peaked in 2019 with more than **** thousand victims of phishing attacks.