In the 4th quarter of 2024, over 989,000 unique phishing attacks were detected worldwide, representing a slight increase from the preceding quarter. By far, the number of unique phishing sites has seen the most significant jump between the second and the third quarters of 2020, from nearly 147,000 to approximately 572,000. This figure is based on the number of the unique base URLs of the phishing sites.

During the fourth quarter of 2024, nearly 23 percent of phishing attacks worldwide targeted social media. Web-based software services and webmail were targeted by over 23 percent of registered phishing attacks. Furthermore, financial institutions accounted for 12 percent of attacks.

In 2024, the most common type of cybercrime reported to the United States internet Crime Complaint Center was phishing, with its variation, spoofing, affecting approximately 193,000 individuals. In addition, over 86,000 cases of extortion were reported to the IC3 during that year. Dynamic of phishing attacks Over the past few years, phishing attacks have increased significantly. In 2024, over 193,000 individuals fell victim to such attacks. The highest number of phishing scam victims since 2018 was recorded in 2021, approximately 324 thousand.Phishing attacks can take many shapes. Bulk phishing, smishing, and business e-mail compromise (BEC) are the most common types. With the recent development of generative AI, it has become easier to craft a believable phishing e-mail. This is currently among the top concerns of organizations leaders. Impact of phishing attacks Among the most targeted industries by cybercriminals are healthcare, financial, manufacturing, and education institutions. An observation carried out in the fourth quarter of 2024 found that software-as-a-service (SaaS) and webmail was most likely to encounter phishing attacks. According to the reports, almost a quarter of them stated being targeted by a phishing scam in the measured period.

In 2024, the number of reported phishing attacks increased by three percent year-over-year. In 2022, this annual increase was at 28 percent. Between 2021 and 2024, the cumulative increase in the number of reported phishing attacks was 49 percent.

This study analyzes cybersecurity issues across the UK, using data from an independent sample of 850,000 individuals and organizations during the 12 months leading up to July 2024. With cybersecurity breaches affecting 50% of small businesses, 70% of medium businesses, 74% of large businesses, and up to 66% of charities, the findings highlight the increasing threat of ransomware (45%), phishing attacks (30%), and challenges related to GDPR compliance (15%). These insights provide a comprehensive view of how cybersecurity challenges impact businesses and individuals across the region.

PHISHING EMAIL DATASET

This dataset was compiled by researchers to study phishing email tactics. It combines emails from a variety of sources to create a comprehensive resource for analysis.

Initial Datasets:

• Enron and Ling Datasets: These datasets focus on the core content of phishing emails, containing subject lines, email body text, and labels indicating whether the email is spam (phishing) or legitimate.

• CEAS, Nazario, Nigerian Fraud, and SpamAssassin Datasets: These datasets provide broader context for the emails, including sender information, recipient information, date, and labels for spam/legitimate classification.

Final Dataset:

The final dataset combines the information from the initial datasets into a single resource for analysis. This dataset contains:

• Approximately 82,500 emails
• 42,891 spam emails
• 39,595 legitimate emails

This dataset allows researchers to study the content of phishing emails and the context in which they are sent to improve detection methods.

Please cite the following two articles if you are using this dataset:

• Al-Subaiey, A., Al-Thani, M., Alam, N. A., Antora, K. F., Khandakar, A., & Zaman, S. A. U. (2024, May 19). Novel Interpretable and Robust Web-based AI Platform for Phishing Email Detection. ArXiv.org. https://arxiv.org/abs/2405.11619

In 2024, users in the media production industry worldwide saw the highest number of phishing attacks. On average, the number of phishing attacks per user in this industry reached 2.91 in one year. Government organizations worldwide ranked second, with 2.8 phishing attempts received, followed by manufacturing and construction, with 1.65 attacks per user.

The dataset "Cybersecurity Cases in India" is a comprehensive collection of real-world cybersecurity incidents reported across various cities in India. The dataset encapsulates the financial loss, incident types, and categories, providing a detailed overview of the cybercrime landscape in one of the world’s largest digital economies. With over 1000 records, it spans incidents from 2020 to 2024, covering various types of cybercrimes such as phishing, online fraud, malware attacks, ransomware, data breaches, DDoS attacks, identity theft, and more. Each record captures important attributes of the incidents, such as the year, date of occurrence, amount lost in INR, the type of incident, the city in which it occurred, and the category of the affected entity (e.g., financial, personal, corporate).

The dataset is structured to enable analysis of the trends in cybercrime over time, the financial impact of various cyberattacks, and the geographic distribution of incidents across Indian cities. It serves as a critical resource for cybersecurity professionals, policymakers, law enforcement agencies, and academic researchers seeking to understand the challenges posed by cybercrime in India and to identify strategies to combat these challenges.

1. Dataset Purpose and Scope

The dataset’s primary purpose is to provide an extensive, granular view of the nature and scope of cybersecurity incidents in India. It enables the analysis of the frequency, severity, and financial impact of cybercrimes across different types of attacks, cities, and time periods. As cybercrimes continue to rise globally, including in India, this dataset serves as an important tool for understanding the evolving threats and risks in cyberspace. Cybersecurity experts and analysts can leverage this dataset to identify patterns and trends, while government and law enforcement agencies can use it to devise more targeted interventions and preventive measures.

India, with its large and growing digital footprint, is a prime target for cybercriminals. The country's rapidly expanding internet user base, coupled with increasing digital adoption in various sectors like finance, healthcare, education, and e-commerce, makes it an attractive target for cyberattacks. This dataset allows stakeholders to understand how cybercrime evolves in response to these dynamics.

The dataset is a rich resource for understanding the following:

• Incident Frequency: How often different types of cybercrimes are reported in various Indian cities.
• Financial Impact: The monetary losses associated with each type of cybercrime.
• Geographic Distribution: The prevalence of specific types of cybercrimes in particular cities or states.
• Trend Analysis: How cybercrime has evolved over the years in terms of volume and impact.

2. Dataset Structure and Variables

The dataset includes the following key variables, each contributing valuable information to the analysis:

• Year: The year in which the cybercrime incident occurred. This variable helps track the growth or decline of cybercrime incidents over time.
• Date: The specific date of the cybercrime incident. This allows for time-series analysis of the data.
• Amount_Lost_INR: The financial loss associated with the cybercrime incident, expressed in Indian Rupees (INR). This variable highlights the economic impact of each cyberattack and can be used to assess the severity of different incidents.
• Incident_Type: The type of cybercrime incident. This can include phishing, online fraud, malware attacks, ransomware, data breaches, DDoS attacks, and identity theft. This variable is crucial for understanding which types of cybercrimes are most prevalent and how they differ in their impact.
• City: The city where the incident occurred. This allows for the geographic analysis of cybercrime, helping to identify high-risk areas and cities where certain types of cyberattacks are more common.
• Category: The category of the entity affected by the cybercrime, such as financial institutions, government bodies, corporations, educational institutions, or individuals. This variable provides insights into which sectors are more vulnerable to specific types of cyberattacks.

3. Cybersecurity Threat Landscape in India

India's digital transformation has made it a prime target for cybercriminals. As of 2023, India is one of the largest internet markets in the world, with over 600 million active internet users. The rapid growth of e-commerce, digital banking, social media, and government services has created new opportunities for cybercriminals to exploit vulnerabilities in digital systems. According to a 2022 report by the Indian Computer Emergency Response Team (CERT-In), India witnessed a significant increase in cybersecurity incidents, with millions of cyberattacks targeting individuals, b...

This dataset was used for training machine learning models to detect phishing attacks and for studying the explainability of these models. It was published in 2024. The dataset refers to phishing and legitimate websites. Phishing samples have been collected from two sources, namely, PhishTank and Tranco, whereas legitimate samples were collected from Alexa. The dataset is balanced and contains 5,000 phishing and 5,000 legitimate samples, each described by 74 features extracted from the entire URL as well as from the Fully Qualified Domain Name, pathname, filename, and parameters. Of these features, 70 are numerical and four binary. The target variable is also binary.

Data Crawling Source

• PhishTank phishing URLs
• Alexa legitimate URLs ## Content
• The dataset contains a total of 56,115 data, of which 29,428 are legitimate and 26,687 are phishing. Some legitimate data are limited by the size of the dataset. Please download it here. 2.The data organization of the dataset is as follows： https://www.googleapis.com/download/storage/v1/b/kaggle-user-content/o/inbox%2F21362184%2F108830106d7639825cb3d84a5a11e9a3%2F1.png?generation=1719134225197256&alt=media" alt=""> 3.There are two main labels: 1 represents phishing web page information and 0 represents legitimate web page information. 4.new_url_info.csv records the crawl information after manual data cleaning. url_info.csv records the original crawl record information. You can use new_url_info.csv to get more accurate tags, or use the original data for training

Phishing URL dataset exclusively contains 54,807 URLs identified as phishing, providing a focused resource for studying and combating malicious online activities. Meanwhile, the URL dataset comprises 450,176 URLs sourced from various platforms, including PhisTank, the Majestic Million, and other pertinent sources. Each URL in the dataset is meticulously categorized as either "phishing" or "legitimate." Among these URLs, 104,438 have been flagged as phishing URLs, indicating malicious intent, while the remaining 345,738 URLs are classified as legitimate, denoting non-malicious or benign activity. This extensive dataset, drawn from multiple reputable sources, serves as a crucial asset for cybersecurity researchers and practitioners, facilitating the development and validation of advanced techniques for effectively detecting and mitigating phishing attacks.

In 2024, the rate of phishing attacks per reporter party has reached seven index points. In the year prior, in 2023, this rate was at 6.8 index points, up from 4.7.

Comprehensive dataset combining FTC Consumer Sentinel Network identity theft and fraud reports (2024-2025 Q1-Q3), OmniWatch/YouGov survey data on consumer fraud awareness, and state-level per-capita identity theft rankings. Includes quarterly breakdowns, age-based victimization rates, financial loss data, and fraud category analysis.

Content

• The data contains 50,000 entries. The ratio of phishing data to legitimate data is 1:1.
• Category composition https://www.googleapis.com/download/storage/v1/b/kaggle-user-content/o/inbox%2F21362184%2F89d81cf6f7c040ff134ca92e895014fe%2F0275a2db359b7463c2b14a97ccc8844.png?generation=1720060430801093&alt=media" alt="">
• Included Features https://www.googleapis.com/download/storage/v1/b/kaggle-user-content/o/inbox%2F21362184%2F7f079cfd5b4b00fc60f559c7bc958731%2F1720060641384.jpg?generation=1720060659856429&alt=media" alt=""> # Tip If you feel that this dataset does not meet your model architecture needs, please download the original data here to expand the dimension of the features.In this data set, there is a column called data index. This id corresponds to the number in the original data.

Identity Theft by Type (2024-2025), State Rankings (2024), Quarterly Fraud Data (2025 Q1-Q3)

Brand Protection and Anti-Phishing Market Outlook

According to our latest research, the global Brand Protection and Anti-Phishing market size reached USD 5.34 billion in 2024, demonstrating robust expansion driven by the escalating threat landscape and increased digitalization across industries. The market is currently experiencing a strong CAGR of 12.8%, and is projected to achieve a value of USD 15.24 billion by 2033. This growth is primarily fueled by the proliferation of sophisticated phishing attacks, the growing necessity for comprehensive brand protection strategies, and heightened regulatory pressures mandating advanced cybersecurity measures.

The rapid adoption of digital technologies and e-commerce platforms has significantly increased the exposure of brands to cyber threats, notably phishing and counterfeiting. As organizations expand their digital footprints, the attack surface for malicious actors also widens, resulting in a surge in brand impersonation and phishing campaigns. The evolving tactics employed by cybercriminals, such as spear-phishing and the use of AI-generated fake websites, necessitate the deployment of advanced anti-phishing solutions and holistic brand protection frameworks. Companies are increasingly investing in real-time monitoring, threat intelligence, and automated takedown services to safeguard their reputation and customer trust, further driving market growth.

Another critical growth factor is the increasing regulatory scrutiny and compliance mandates imposed by governments and industry bodies worldwide. Regulations such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and sector-specific guidelines in banking and healthcare require organizations to implement robust security measures to protect sensitive data and prevent phishing-related breaches. Non-compliance can result in hefty fines and reputational damage, prompting organizations to prioritize brand protection and anti-phishing investments. Additionally, the rising awareness among consumers regarding online fraud and data privacy is compelling businesses to adopt visible and effective protection strategies as a competitive differentiator.

The surge in remote work and hybrid workplace models post-pandemic has further amplified the need for comprehensive anti-phishing solutions. Employees accessing corporate resources from diverse locations and devices introduce new vulnerabilities, making organizations more susceptible to targeted phishing attacks. The demand for scalable, cloud-based brand protection tools that can secure distributed workforces and detect threats in real time has soared. Furthermore, the integration of artificial intelligence and machine learning into anti-phishing solutions is enabling quicker identification of emerging threats, enhancing the efficacy of detection and response mechanisms, and supporting the overall growth trajectory of the market.

Phishing Threat Intelligence plays a crucial role in the current cybersecurity landscape, especially as organizations face increasingly complex phishing schemes. By leveraging advanced analytics and real-time data, companies can gain insights into the evolving tactics of cybercriminals. This intelligence enables businesses to preemptively identify potential threats and adapt their security measures accordingly. The integration of Phishing Threat Intelligence into existing cybersecurity frameworks not only enhances the detection and response capabilities but also fortifies the overall resilience of an organization's digital infrastructure. As the threat landscape continues to evolve, the demand for sophisticated threat intelligence solutions is expected to grow, driving further innovation and investment in this critical area.

From a regional perspective, North America continues to dominate the Brand Protection and Anti-Phishing market, holding the largest revenue share due to the high incidence of cyberattacks, strong regulatory frameworks, and early adoption of advanced cybersecurity technologies. However, Asia Pacific is emerging as the fastest-growing region, propelled by the rapid digital transformation of enterprises, expanding e-commerce sector, and increasing cyber awareness initiatives. Europe maintains a significant market presence, driven by stringent data protection regulations and a mature digital eco

Consent Phishing Protection Market Outlook

According to our latest research, the Consent Phishing Protection market size reached USD 1.21 billion in 2024, reflecting the growing imperative for advanced cybersecurity solutions globally. The market is projected to expand at a robust CAGR of 18.7% during the forecast period, with the total market value expected to climb to USD 6.18 billion by 2033. The primary driver behind this impressive growth trajectory is the escalating frequency and sophistication of consent phishing attacks, which exploit trusted authentication processes to gain unauthorized access to sensitive data and systems. As organizations across industries face mounting regulatory pressures and reputational risks, the adoption of comprehensive consent phishing protection solutions is accelerating at an unprecedented pace.

A critical growth factor for the Consent Phishing Protection market is the rapid digital transformation witnessed across all sectors, which has led to an exponential increase in the use of cloud-based applications and remote work environments. This shift has expanded the attack surface for cybercriminals, making consent phishing a particularly insidious threat. Unlike traditional phishing, consent phishing manipulates users into granting malicious applications access to corporate resources through legitimate authorization protocols like OAuth. As organizations migrate sensitive workloads to the cloud and enable hybrid workforces, the demand for solutions that can detect and block such sophisticated threats is surging. Moreover, the integration of artificial intelligence and machine learning into consent phishing protection tools is enhancing their ability to identify anomalous behaviors and prevent unauthorized access in real time, further fueling market expansion.

Another significant driver is the tightening regulatory landscape worldwide, especially regarding data privacy and security. Regulatory frameworks such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and industry-specific mandates in the BFSI and healthcare sectors are compelling organizations to implement robust consent management and phishing protection measures. Non-compliance can result in severe financial penalties and irreparable reputational damage, prompting enterprises to prioritize investments in advanced security software and services. Additionally, the growing awareness among small and medium enterprises (SMEs) about the risks posed by consent phishing attacks is widening the market base, as these organizations seek affordable and scalable security solutions.

The evolving threat landscape, characterized by increasingly targeted and persistent attacks, is also shaping the Consent Phishing Protection market. Cybercriminals are leveraging social engineering tactics and exploiting trusted platforms, such as email and cloud services, to bypass traditional security controls. This has led to a paradigm shift in how organizations approach identity and access management, with a heightened focus on zero trust architectures and multi-layered defense strategies. The proliferation of endpoints, from mobile devices to IoT sensors, further complicates the security posture, necessitating holistic solutions that provide visibility and control across diverse environments. As a result, vendors are innovating rapidly, offering integrated platforms that combine email security, endpoint protection, and cloud security capabilities to deliver comprehensive consent phishing defense.

From a regional standpoint, North America continues to dominate the Consent Phishing Protection market, accounting for the largest revenue share in 2024. This leadership is attributed to the high concentration of large enterprises, early adoption of advanced cybersecurity technologies, and stringent regulatory requirements in the United States and Canada. Europe follows closely, benefiting from robust data protection laws and increasing investments in digital infrastructure. Meanwhile, the Asia Pacific region is emerging as a high-growth market, driven by rapid digitalization, expanding internet penetration, and rising awareness of cybersecurity threats among enterprises and government agencies. Latin America and the Middle East & Africa are also witnessing steady growth, albeit from a smaller base, as organizations in these regions ramp up their defenses against evolving phishing tactics.

In 2024, the majority of detected phishing e-mails were created by humans. A newly emerged trend of crafting phishing e-mails using AI technology was shown in only a smaller number of detected phishing e-mails, 2,785 or up to 4.7 percent, that were sent to employees of different organizations worldwide.

Key fraud and scam loss statistics from FBI IC3, FTC, UK Finance, and EBA/ECB reports for 2024.

OAuth Consent Phishing Defense Market Outlook

According to our latest research, the Global OAuth Consent Phishing Defense market size was valued at $1.2 billion in 2024 and is projected to reach $5.8 billion by 2033, expanding at a CAGR of 19.2% during 2024–2033. The rapid proliferation of cloud-based applications and the increasing sophistication of phishing attacks targeting OAuth consent screens are major factors driving the growth of the OAuth Consent Phishing Defense market globally. As organizations continue to adopt digital transformation initiatives and integrate third-party applications into their workflows, the need for robust OAuth consent phishing defense solutions has become paramount. Enterprises are investing heavily in advanced security frameworks to prevent unauthorized access, data breaches, and credential theft that can arise from manipulated OAuth consent flows, thus fueling market expansion.

Regional Outlook

North America holds the largest share of the global OAuth Consent Phishing Defense market, accounting for approximately 38% of total revenue in 2024. This dominance is attributed to the region's mature cybersecurity ecosystem, early adoption of innovative authentication technologies, and stringent regulatory frameworks such as CCPA and HIPAA. The United States, in particular, boasts a high concentration of technology giants, financial institutions, and healthcare providers that are prime targets for consent phishing attacks. These organizations have prioritized investment in advanced OAuth consent phishing defense solutions to safeguard sensitive data and comply with regulatory mandates. Additionally, the presence of leading market players and a robust venture capital environment further solidify North America’s leadership position in the global landscape.

The Asia Pacific region is projected to be the fastest-growing market, with a remarkable CAGR of 24.6% during the forecast period. This accelerated growth is driven by rapid digitalization, increased cloud adoption, and a surge in cyberattacks targeting enterprises in countries like China, India, Japan, and Australia. Governments and private sector organizations in Asia Pacific are ramping up investments in cybersecurity infrastructure, including OAuth consent phishing defense solutions, to mitigate risks associated with digital transformation. The region’s burgeoning e-commerce, fintech, and IT services sectors are particularly vulnerable to sophisticated phishing schemes, prompting a surge in demand for innovative defense mechanisms. Strategic partnerships between global cybersecurity vendors and local firms are also catalyzing market expansion in this region.

Emerging economies in Latin America and the Middle East & Africa are witnessing steady, albeit slower, adoption of OAuth consent phishing defense solutions. These regions face unique challenges such as limited cybersecurity budgets, lack of skilled professionals, and inconsistent regulatory enforcement. However, growing awareness of cyber threats, increased internet penetration, and the gradual digitalization of banking, government, and retail sectors are creating new opportunities for market players. Localized demand is also shaped by regional policy initiatives aimed at strengthening data protection and digital identity management. Despite these positive trends, fragmented IT infrastructure and persistent socio-economic barriers may temper the pace of adoption in the near term.

Report Scope