In the 4th quarter of 2024, over 989,000 unique phishing attacks were detected worldwide, representing a slight increase from the preceding quarter. By far, the number of unique phishing sites has seen the most significant jump between the second and the third quarters of 2020, from nearly 147,000 to approximately 572,000. This figure is based on the number of the unique base URLs of the phishing sites.

In 2024, the majority of detected phishing e-mails targeted organizational assets. According to research of 386,000 phishing e-mails, 65 percent of sent phishing e-mails targeted organizational assets. Additionally, 35 percent of the phishing e-mails were directed toward personal assets.

In 2024, over 193,000 individuals in the United States reported encountering phishing attacks. This figure had decreased compared to the previous year, when the number of phishing attacks nationwide amounted to nearly 300,000. However, in 2020 and 2019, this number was relatively low, around 241 thousand and 114 thousand, respectively.

In 2024, the majority of detected phishing e-mails targeted organizational assets. According to research of 386,000 phishing e-mails, 65 percent of sent phishing e-mails targeted organizational assets. Additionally, 35 percent of the phishing e-mails were directed toward personal assets.

In the fourth quarter of 2024, companies worldwide paid, on average, nearly 554 thousand U.S. dollars of ransom. Compared to the previous quarter, the figure saw an increase of approximately 280 thousand U.S. dollars.

In 2024, the rate of phishing attacks per reporter party has reached seven index points. In the year prior, in 2023, this rate was at 6.8 index points, up from 4.7.

As of September 2024, phishing was the most common type of cyberattack experienced by companies in France in the past 12 months, with nearly half of the surveyed companies stating so. Ransomware attacks ranked second, with ** percent, followed by spyware or malware viruses.

In 2024, the most common type of cybercrime reported to the United States internet Crime Complaint Center was phishing, with its variation, spoofing, affecting approximately 193,000 individuals. In addition, over 86,000 cases of extortion were reported to the IC3 during that year. Dynamic of phishing attacks Over the past few years, phishing attacks have increased significantly. In 2024, over 193,000 individuals fell victim to such attacks. The highest number of phishing scam victims since 2018 was recorded in 2021, approximately 324 thousand.Phishing attacks can take many shapes. Bulk phishing, smishing, and business e-mail compromise (BEC) are the most common types. With the recent development of generative AI, it has become easier to craft a believable phishing e-mail. This is currently among the top concerns of organizations leaders. Impact of phishing attacks Among the most targeted industries by cybercriminals are healthcare, financial, manufacturing, and education institutions. An observation carried out in the fourth quarter of 2024 found that software-as-a-service (SaaS) and webmail was most likely to encounter phishing attacks. According to the reports, almost a quarter of them stated being targeted by a phishing scam in the measured period.

In 2024, a quarter of all detected cyberattacks in the companies worldwide were phishing attacks, delivered either through attachments or links. This share has decreased from 46 percent in 2022.

Here, we’ve gathered email marketing benchmarks by industry. You can see how your average email open, click-through, click-to-open, unsubscribe, and spam complaint rates compare against other companies in your industry.

In 2024, users in the media production industry worldwide saw the highest number of phishing attacks. On average, the number of phishing attacks per user in this industry reached 2.91 in one year. Government organizations worldwide ranked second, with 2.8 phishing attempts received, followed by manufacturing and construction, with 1.65 attacks per user.

In September 2024, 322 brands worldwide were targeted by phishing attacks, down from 508 in February of the same year. The number of brands that cyber criminals targeted has decreased in 2024.

As of February 2024, data breaches caused by malicious insiders were the most costly, averaging **** million U.S. dollars per breach. Phishing attacks led to data breaches with an average cost of **** million U.S. dollars per incident. Similarly, breaches resulting from business email compromise also averaged **** million U.S. dollars during the examined period.

A survey from December 2024 showed that almost ** percent of male smartphone owners in Japan knew the phishing scam method of luring people to a fake website via e-mail or SMS. Tricking people into installing fraudulent apps was also known by a ******** of the respondents.

In 2024, a large number of URLs in home.pl domains were observed as phishing sites in Poland. According to the source, phishing reports involved ****** URLs with ****** domains resolving to ***** IP addresses.

This statistic presents the result of a survey on the share of companies affected by cyberattacks in Germany from 2017 to 2024. During 2024, it was found that 81 percent of responding companies had experienced incidents concerning data theft, corporate espionage or sabotage.This was an increase of almost 10 percent compared to the previous year.

About *********** phishing incidents were reported to the Council of Anti-Phishing Japan in 2024. The number, which also includes cases that were reported from outside of Japan, strongly increased in recent years.

Israel faced a surge in cyberattacks in 2024, with phishing attacks emerging as the top threat. That year, roughly ** percent of all reported cyberattacks involved phishing. Social media hacks claimed second place, with ***** incidents. In total, more than ****** cyberattacks were reported, marking a ** percent rise year-on-year. Security experts attribute this rise partly to heightened cyberthreats following the outbreak of the Israel-Hamas war in October 2023. Demographics of cybercrime victimization Cybercrime is now the most common type of offense Israelis fall victim to. In a 2023 survey, just under ** percent of adults reported being victims of online criminal activity, surpassing violent crimes and theft. Cybercrime shows distinct demographic patterns, with certain age groups facing disproportionate risk. The ***** age bracket appeared most vulnerable, with nearly ** percent of the cohort reporting having been a recent victim of cybercrime. This was significantly higher than the **** percent reported by those ** and older. The vulnerability of middle-aged adults may reflect a heavier use of digital services for work and leisure, and thus greater exposure to online threats. Cybercrime meets national defense Although most cyberattacks in Israel are linked to criminal activity, cyber-defense remains a cornerstone of Israeli national security. In 2024 the Israeli Security Service (ISS), tasked with countering threats from foreign adversaries, reported foiling roughly *** cyberwarfare operations. Over ********** of these operations were aimed at espionage and intelligence gathering, while about ** percent sought to damage computer systems and networks. These figures highlight both the breadth of the challenge, and the potential strategic risks such attacks pose.

More than ******* incidents violating the security of the Polish internet were registered in 2024. Fraud, including phishing, gained considerable popularity among cybercriminals. The most common incidents were malicious software attacking the internet user and abusive content, including spam.

As of February 2025, the United States ranked first by the average cost of a data breach, ***** million U.S. dollars. The average cost of data breaches in the Middle East was **** million U.S. dollars. Benelux followed in the ranking, with **** million U.S. dollars. In the measured period, the global average data breach cost was **** million U.S. dollars. Phishing scams in the U.S. Breached data often ends up in the hands of threat actors who use it for malicious purposes, including online scams. Phishing continues to be a major threat in North America, particularly on smartphones. In the second quarter of 2023, the region recorded the highest number of phishing and malicious attack attempts globally. The United States was particularly affected, with ** percent of U.S. citizens reporting being targeted by scam texts, e-mails, and calls on a daily basis. Additionally, phishing and spoofing were the most common types of cybercrime, impacting *** thousand individuals in 2023. These attacks led to financial losses, with U.S. victims reporting nearly ** billion U.S. dollars in damages throughout the year. U.S. users and data privacy Despite only ** percent of internet users in the United States being highly knowledgeable about data privacy and cybersecurity, a significant portion of users demonstrated caution and awareness in protecting their information. In fact, over half of surveyed U.S. users reported being somewhat confident in knowing the right steps to take in the event of a cyberattack. Furthermore, ** percent of U.S. users actively decline cookies on websites, reflecting their increasing concern for data protection. Many respondents also take additional steps to safeguard their digital privacy, such as limiting or avoiding clicking on ads as well as not answering phone calls due to cybersecurity risks.