During the fourth quarter of 2024, nearly 23 percent of phishing attacks worldwide targeted social media. Web-based software services and webmail were targeted by over 23 percent of registered phishing attacks. Furthermore, financial institutions accounted for 12 percent of attacks.

In the 4th quarter of 2024, over 989 thousand unique phishing attacks were detected worldwide, representing a slight increase from the preceding quarter. By far, the number of unique phishing sites has seen the most significant jump between the second and the third quarters of 2020, from nearly 147 thousand to approximately 572 thousand. This figure is based on the number of the unique base URLs of the phishing sites.

In December 2023, around 9.45 million phishing e-mails were detected worldwide, up from 5.59 million in September 2023. This figure has seen a continuous increase since January 2022. It is partially associated with the launch of ChatGPT in November 2022.

Introduction

Phishing Statistics: Phishing is a kind of cyberattack in which criminals try to fool people into sharing personal information such as passwords or credit card numbers, often by pretending to be a trusted company or person through fake emails, websites, or messages. Phishing has become more common as many people use the Internet for banking, shopping, and communication.

In 2024, phishing attacks are a major threat to both individuals and businesses. Criminals are using more advanced techniques, and these attacks are costing billions of dollars globally. People need to stay aware and cautious online to avoid falling victim to these scams.

Surveys of working adults and IT security professionals worldwide conducted in 2021 and 2023 found that the share of organizations experiencing severe consequences due to a successful cyber attack had declined. In 2023, the share of enterprises experiencing a breach of customer or client data was 29 percent, down from 44 percent in 2022. Ransomware infections that occurred through e-mail were common for 32 percent of the respondents in 2023. Cases of a credential or account compromise occurred in 27 percent of the organizations in 2023, a decrease of 25 percent compared to the year prior.

This dataset contains a collection of legitimate and phishing websites, along with information on the target brands (brands.csv) being impersonated in the phishing attacks. The dataset includes a total of 10,395 websites, 5,244 of which are legitimate and 5,151 of which are phishing websites. These websites impersonate a total of 86 different target brands.

For phishing datasets, the files can be downloaded in a zip file with a "phishing" prefix, while for legitimate websites, the files can be downloaded in a zip file with a "not-phishing" prefix.

In addition, the dataset includes features such as screenshots, text, CSS, and HTML structure for each website, as well as domain information (WHOIS data), IP information, and SSL information. Each website is labeled as either legitimate or phishing and includes additional metadata such as the date it was discovered, the target brand being impersonated, and any other relevant information.

The dataset has been curated for research purposes and can be used to analyze the effectiveness of phishing attacks, develop and evaluate anti-phishing solutions, and identify trends and patterns in phishing attacks. It is hoped that this dataset will contribute to the advancement of research in the field of cybersecurity and help improve our understanding of phishing attacks.

Phishing Protection Market Outlook

The global phishing protection market size was valued at approximately USD 900 million in 2023 and is projected to reach USD 2.4 billion by 2032, growing at a compound annual growth rate (CAGR) of 11.5% from 2024 to 2032. The growth of this market is fueled by the escalating volume and sophistication of phishing attacks, coupled with increasing awareness about cybersecurity among organizations across various industries.

One of the significant growth factors driving the phishing protection market is the increasing number of cyberattacks targeting both individuals and organizations. Phishing attacks have become more sophisticated, making it crucial for businesses to invest in advanced protection measures. The rise in spear-phishing, where attackers target specific individuals within an organization, has heightened the need for robust phishing protection solutions. Moreover, the financial and reputational damage caused by successful phishing attacks is pushing organizations to adopt comprehensive security solutions, thereby driving market growth.

Another critical factor contributing to the market's expansion is the growing regulatory landscape around data protection and cybersecurity. Governments and regulatory bodies across the globe are implementing stringent regulations to ensure data security and protect consumer information. Compliance with regulations such as GDPR in Europe, CCPA in California, and other data protection laws worldwide necessitates the deployment of advanced phishing protection solutions. Organizations must adhere to these regulations to avoid hefty fines and legal repercussions, further propelling the adoption of phishing protection services and software.

The increasing adoption of digital transformation strategies by enterprises is also a significant driver of market growth. As businesses migrate their operations to cloud platforms and adopt new technologies, they become more vulnerable to cyber threats, including phishing attacks. The shift towards remote work and the integration of Bring Your Own Device (BYOD) policies have expanded the attack surface for cybercriminals. Consequently, organizations are prioritizing investments in phishing protection solutions to safeguard their digital assets and maintain business continuity in a highly digitized environment.

In addition to phishing attacks, organizations are increasingly facing threats from credential stuffing, a type of cyberattack where attackers use automated tools to try multiple username and password combinations to gain unauthorized access to user accounts. This has led to a growing demand for Credential Stuffing Protection solutions, which are designed to detect and block such attempts. These solutions often employ advanced techniques such as behavioral analytics and machine learning to identify suspicious login activities and prevent unauthorized access. As businesses continue to digitize their operations and store sensitive data online, the need for robust Credential Stuffing Protection measures becomes even more critical. By implementing these solutions, organizations can safeguard their user accounts and maintain trust with their customers.

Regionally, North America is anticipated to dominate the phishing protection market during the forecast period, owing to the high incidence of cyberattacks and the presence of leading cybersecurity companies. Europe is also expected to witness significant growth, driven by stringent data protection regulations and increasing cyber threats. The Asia Pacific region is projected to exhibit the highest CAGR, fueled by rapid digitalization, increasing internet penetration, and growing awareness about cybersecurity threats. Latin America, the Middle East, and Africa are also expected to contribute to the market's growth, albeit at a slower pace compared to other regions.

Component Analysis

The phishing protection market is segmented by components into software and services. The software segment is expected to hold a significant share of the market, as organizations increasingly rely on advanced software solutions to detect and prevent phishing attacks. Software solutions typically include email filtering, URL filtering, and anti-phishing tools that help identify and block malicious content. Moreover, the continuous advancements in machine learning and artificial intelligence are enhancing the capabilities of phishing protection software, making them more effective in ide

In 2023, users in Vietnam were most frequently targeted by phishing attacks. The phishing attack rate among internet users in the country was ***** percent. In the examined year, Peru was the second region, with an attack rate of nearly ** percent, while Taiwan followed with ***** percent.

The dataset 1 contains the age, qualification level, their awareness about phishing and if they became victim to phishing. The dataset 1 contains the result to detection rate before awareness and briefing of phishing after a successful spear phishing.

The dataset 2 contains the age, qualification level, their awareness about phishing and if they became victim to phishing. The dataset 2 contains the result to detection rate after awareness and briefing of phishing after a successful smishing.

1) Data Introduction • The Email Phishing Dataset is designed for phishing email detection using machine learning.

2) Data Utilization (1) Email Phishing Dataset has characteristics that: • All emails were refined and subjected to a custom NLP feature extraction pipeline focused on phishing metrics. • This dataset contains no raw text or headers, only features engineered for model training/testing. (2) Email Phishing Dataset can be used to: • Developing an email detection model: It can be used to train and evaluate AI models that classify normal mail and phishing mail using various characteristics such as email body, subject, and sender. • E-mail security policy and threat analysis research: Analyzing real phishing cases and normal email data to derive the characteristics of phishing attacks, and use them to establish effective email security policies and develop threat response strategies.

The phishing protection market is experiencing robust growth, driven by the escalating sophistication and frequency of phishing attacks targeting individuals and organizations across diverse sectors. The increasing reliance on digital platforms for banking, e-commerce, and communication has created a fertile ground for cybercriminals, necessitating robust security measures. The market's expansion is fueled by several key factors, including the rising adoption of cloud-based security solutions, the proliferation of mobile devices, and the increasing awareness of phishing threats among both individuals and businesses. Furthermore, stringent government regulations concerning data privacy and security are compelling organizations to invest heavily in advanced phishing protection technologies. While the BFSI (Banking, Financial Services, and Insurance) sector remains a significant adopter, growth is also observed across other sectors like healthcare, government, and telecommunications, due to their sensitive data assets and heightened regulatory scrutiny. The market is segmented by application (BFSI, Government, Healthcare, Telecommunications and IT, Transportation, Education, Retail) and type of phishing (email-based, non-email-based), each presenting unique opportunities for specialized solutions. Companies like Cyren, BAE Systems, Microsoft, FireEye, Symantec, Proofpoint, GreatHorn, Cisco, Phishlabs, Intel, and Mimecast are key players, constantly innovating to counter evolving phishing tactics. The market's growth trajectory is projected to remain positive over the forecast period (2025-2033), although challenges remain. These include the ever-evolving nature of phishing techniques, the difficulty in detecting sophisticated attacks, and the ongoing skills gap in cybersecurity expertise. Despite these obstacles, the market’s future looks promising, spurred by continuous advancements in artificial intelligence (AI) and machine learning (ML) technologies which enhance threat detection and response capabilities. The increasing adoption of multi-layered security solutions, incorporating phishing protection alongside other security measures, further contributes to the overall market growth. The geographical distribution of the market indicates strong growth in North America and Europe, while the Asia-Pacific region is poised for significant expansion in the coming years, driven by increasing internet penetration and digitalization.

In 2024, over 193,000 individuals in the United States reported encountering phishing attacks. This figure had decreased compared to the previous year, when the number of phishing attacks nationwide amounted to nearly 300,000. However, in 2020 and 2019, this number was relatively low, around 241 thousand and 114 thousand, respectively.

These data consist of a collection of legitimate as well as phishing website instances. Each website is represented by the set of features which denote, whether website is legitimate or not. Data can serve as an input for machine learning process.

In this repository the two variants of the Phishing Dataset are presented.

Full variant - dataset_full.csv Short description of the full variant dataset: Total number of instances: 88,647 Number of legitimate website instances (labeled as 0): 58,000 Number of phishing website instances (labeled as 1): 30,647 Total number of features: 111

Small variant - dataset_small.csv Short description of the small variant dataset: Total number of instances: 58,645 Number of legitimate website instances (labeled as 0): 27,998 Number of phishing website instances (labeled as 1): 30,647 Total number of features: 111

The phishing simulation market is experiencing robust growth, driven by the escalating sophistication of phishing attacks and the increasing regulatory pressure on organizations to enhance their cybersecurity posture. The market, currently valued at approximately $1.5 billion in 2025 (estimated based on typical market sizes for cybersecurity segments with similar growth rates), is projected to experience a Compound Annual Growth Rate (CAGR) of 15% from 2025 to 2033. This expansion is fueled by several key factors. Firstly, the rising frequency and success rate of phishing campaigns targeting both large enterprises and SMEs necessitate proactive security measures like simulation training. Secondly, evolving attack vectors and techniques demand continuous adaptation and improvement in security awareness programs, creating a sustained demand for advanced phishing simulation solutions. Thirdly, stringent data privacy regulations like GDPR and CCPA are imposing significant penalties for data breaches resulting from successful phishing attacks, motivating organizations to invest heavily in preventative measures including simulation-based training. The market segmentation reveals a significant share held by software-based solutions, owing to their scalability, ease of deployment, and cost-effectiveness. However, the service segment is also experiencing strong growth due to the increasing need for expert guidance and managed services in designing and implementing effective phishing simulation programs. Geographically, North America currently dominates the market, followed by Europe, reflecting the high level of cybersecurity awareness and regulatory compliance in these regions. However, the Asia-Pacific region is expected to exhibit the highest growth rate over the forecast period, driven by increasing digital adoption and rising awareness of cybersecurity threats in developing economies. While the market faces certain restraints, such as the need for specialized expertise and the potential for high implementation costs, the overall growth trajectory remains positive, driven by the overwhelming need to combat the ever-evolving threat landscape of phishing attacks.

Introduction

Data Breach Statistics: A data breach, also called data leakage, happens when personal information is shared or lost without permission. It includes things like names, addresses, passwords, credit card numbers, or health records. Such breaches can occur if someone inside a company shares it by mistake or on purpose, if an unprotected device is lost or stolen, if hackers break into systems using weak points, or if people are tricked through phishing to give away private data. The common causes of data breaches are human error, lost or stolen devices, cyberattacks, phishing attacks, and insider threats.

This article includes several statistical analyses taken from different sources that include breach types, global incidents of data breaches, industry-wide data breaches, regional impacts, causes, breach size, impacts, breach detection, consumer awareness, and future analysis.

The spear phishing market is experiencing robust growth, driven by the increasing sophistication of cyberattacks and the expanding digital landscape. While precise market sizing data is unavailable, considering the substantial investments in cybersecurity and the consistent rise in reported phishing incidents, a reasonable estimate for the 2025 market size would be in the range of $5-7 billion. This figure reflects the rising costs associated with data breaches, regulatory fines, and the increasing demand for advanced threat detection and response solutions. A Compound Annual Growth Rate (CAGR) of 12-15% over the forecast period (2025-2033) is plausible, considering ongoing technological advancements in spear phishing techniques and the corresponding need for robust countermeasures. Key drivers include the growth of remote work, increasing reliance on cloud services, and the evolving tactics employed by cybercriminals to target specific individuals and organizations. Trends point towards a greater focus on artificial intelligence (AI) and machine learning (ML) in threat detection, as well as a shift towards proactive security measures and employee training programs to mitigate the impact of spear phishing attacks. However, restraints include the ever-evolving nature of spear phishing techniques, the persistent skills gap in cybersecurity professionals, and the potential for false positives in automated detection systems. Segmentation within the market is likely to exist based on solution type (e.g., email security, security awareness training), deployment model (cloud, on-premises), and target industry (financial services, healthcare, government). Companies like BAE Systems, Check Point Software Technologies, Cisco Systems, and Proofpoint are key players actively innovating and competing within this dynamic market. The significant market expansion is further fueled by the high financial stakes involved in successful spear phishing campaigns. The impact of successful attacks, including data breaches, financial losses, and reputational damage, encourages organizations to invest heavily in comprehensive security solutions. The proliferation of sophisticated spear phishing techniques, such as personalized phishing emails and the use of social engineering, necessitates advanced detection and prevention technologies. The market's competitive landscape is characterized by both established cybersecurity vendors and emerging players who are constantly developing new solutions to combat the threat of spear phishing. The competitive dynamics will likely lead to further innovation and drive market growth in the coming years, enhancing the overall sophistication of spear phishing detection and prevention solutions.

The anti-phishing tools market is experiencing robust growth, driven by the escalating sophistication and frequency of phishing attacks targeting individuals and organizations. The market, estimated at $5 billion in 2025, is projected to expand at a compound annual growth rate (CAGR) of 15% from 2025 to 2033, reaching approximately $15 billion by 2033. This growth is fueled by several key factors. Increased adoption of cloud-based services and remote work models has broadened the attack surface, making organizations more vulnerable. Simultaneously, phishing techniques are becoming increasingly sophisticated, employing AI and social engineering to bypass traditional security measures. Regulations like GDPR and CCPA are also driving demand for robust anti-phishing solutions to ensure data privacy and compliance. The market is segmented by deployment type (cloud, on-premises), organization size (SMB, enterprise), and type of solution (email security, web security, user training). Major players like Barracuda, Mimecast, and Check Point (Avanan) dominate the market, but a competitive landscape exists with numerous smaller vendors offering specialized solutions. Challenges include the constant evolution of phishing tactics, requiring continuous updates and improvements to anti-phishing technologies, along with the need for user education to prevent human error. The market's future trajectory will depend significantly on the development and implementation of advanced AI-powered solutions that can proactively identify and neutralize sophisticated phishing attempts. The increasing adoption of multi-layered security approaches, combining email security, web security, and user training, will be a key trend. While the cost of these solutions can be a barrier for some smaller organizations, the potential financial and reputational damage from successful phishing attacks far outweighs the investment in robust protection. Therefore, the market is poised for sustained growth, driven by the ongoing need to safeguard against ever-evolving phishing threats. Further geographic expansion, particularly in emerging markets with increasing internet penetration, will also contribute to market growth.

A partial dataset and document-term matrix of phishing emails targeting an institution of higher education and an associated script used for data analysis.

Phishing is an attack where a scammer calls you, texts or emails you, or uses social media to trick you into clicking a malicious link, downloading malware, or sharing sensitive information. Phishing attempts are often generic mass messages, but the message appears to be legitimate and from a trusted source (e.g. from a bank, courier company).