In 2023, half of the social engineering attacks worldwide were scams, making it the most common type of cyberattack in this category. Phishing ranked second, with **** percent of the attacks, while business e-mail compromise (BEC) made up nearly ** percent of the total spear-phishing attacks.

This data includes spam e-mail and phishing detection dataset for cybersecurity research projects

In 2023, business e-mail compromise (BEC) scams were the most common type of social engineering attacks using Gmail.com. Roughly **** percent of such cyberattacks detected on Gmail.com were identified as BEC scams. General scamming ranked second, with over ** percent, and phishing was identified in *** percent of social engineering attacks abusing Gmail.com.

The Social Engineering Attack Defense Solution market is booming, projected to reach $15 billion by 2033. Learn about key drivers, trends, and restraints shaping this rapidly evolving sector, including AI-powered solutions, regulatory compliance, and the escalating threat of sophisticated phishing attacks. Explore market size, CAGR, and regional breakdowns in our comprehensive analysis.

In 2023, Gmail was the e-mail service most frequently abused in social engineering attacks worldwide, with 22 percent of such attacks using it. Outlook, Hotmail, and other services ranked far behind.

Overview This dataset is a comprehensive, easy-to-understand collection of cybersecurity incidents, threats, and vulnerabilities, designed to help both beginners and experts explore the world of digital security. It covers a wide range of modern cybersecurity challenges, from everyday web attacks to cutting-edge threats in artificial intelligence (AI), satellites, and quantum computing. Whether you're a student, a security professional, a researcher, or just curious about cybersecurity, this dataset offers a clear and structured way to learn about how cyber attacks happen, what they target, and how to defend against them.

With 14134 entries and 15 columns, this dataset provides detailed insights into 26 distinct cybersecurity domains, making it a valuable tool for understanding the evolving landscape of digital threats. It’s perfect for anyone looking to study cyber risks, develop strategies to protect systems, or build tools to detect and prevent attacks.

What’s in the Dataset? The dataset is organized into 16 columns that describe each cybersecurity incident or research scenario in detail:

ID: A unique number for each entry (e.g., 1, 2, 3). Title: A short, descriptive name of the attack or scenario (e.g., "Authentication Bypass via SQL Injection"). Category: The main cybersecurity area, like Mobile Security, Satellite Security, or AI Exploits. Attack Type: The specific kind of attack, such as SQL Injection, Cross-Site Scripting (XSS), or GPS Spoofing. Scenario Description: A plain-language explanation of how the attack works or what the scenario involves. Tools Used: Software or tools used to carry out or test the attack (e.g., Burp Suite, SQLMap, GNURadio). Attack Steps: A step-by-step breakdown of how the attack is performed, written clearly for all audiences. Target Type: The system or technology attacked, like web apps, satellites, or login forms. Vulnerability: The weakness that makes the attack possible (e.g., unfiltered user input or weak encryption). MITRE Technique: A code from the MITRE ATT&CK framework, linking the attack to a standard classification (e.g., T1190 for exploiting public-facing apps). Impact: What could happen if the attack succeeds, like data theft, system takeover, or financial loss. Detection Method: Ways to spot the attack, such as checking logs or monitoring unusual activity. Solution: Practical steps to prevent or fix the issue, like using secure coding or stronger encryption. Tags: Keywords to help search and categorize entries (e.g., SQLi, WebSecurity, SatelliteSpoofing). Source: Where the information comes from, like OWASP, MITRE ATT&CK, or Space-ISAC.

Cybersecurity Domains Covered The dataset organizes cybersecurity into 26 key areas:

AI / ML Security

AI Agents & LLM Exploits

AI Data Leakage & Privacy Risks

Automotive / Cyber-Physical Systems

Blockchain / Web3 Security

Blue Team (Defense & SOC)

Browser Security

Cloud Security

DevSecOps & CI/CD Security

Email & Messaging Protocol Exploits

Forensics & Incident Response

Insider Threats

IoT / Embedded Devices

Mobile Security

Network Security

Operating System Exploits

Physical / Hardware Attacks

Quantum Cryptography & Post-Quantum Threats

Red Team Operations

Satellite & Space Infrastructure Security

SCADA / ICS (Industrial Systems)

Supply Chain Attacks

Virtualization & Container Security

Web Application Security

Wireless Attacks

Zero-Day Research / Fuzzing

Why Is This Dataset Important? Cybersecurity is more critical than ever as our world relies on technology for everything from banking to space exploration. This dataset is a one-stop resource to understand:

What threats exist: From simple web attacks to complex satellite hacks. How attacks work: Clear explanations of how hackers exploit weaknesses. How to stay safe: Practical solutions to prevent or stop attacks. Future risks: Insight into emerging threats like AI manipulation or quantum attacks. It’s a bridge between technical details and real-world applications, making cybersecurity accessible to everyone.

Potential Uses This dataset can be used in many ways, whether you’re a beginner or an expert:

Learning and Education: Students can explore how cyber attacks work and how to defend against them. Threat Intelligence: Security teams can identify common attack patterns and prepare better defenses. Security Planning: Businesses and governments can use it to prioritize protection for critical systems like satellites or cloud infrastructure. Machine Learning: Data scientists can train models to detect threats or predict vulnerabilities. Incident Response Training: Practice responding to cyber incidents, from web hacks to satellite tampering.

Ethical Considerations Purpose: The dataset is for educational and research purposes only, to help improve cybersecurity knowledge and de...

This dataset contains 624 English-language messages for training and evaluating phishing detection models using Natural Language Processing (NLP). Each message is labeled with one of six classes related to cybersecurity threats or benign content.

The file is in .xlsx format with two columns:

• Corpus: Message content (email or SMS-like)
• Label: Message category (Phishing, Malware, Scareware, Baiting, Pretexting, or NOT-Malicious)

This dataset supports multi-class classification and is ideal for machine learning applications in cybersecurity, especially in detecting social engineering attacks.

All messages are anonymized and do not contain any personal data.

Contact: jessica.testa@eng.it

Citation: Engineering Ingegneria Inforamtica Spa (2025). Multiclass NLP Dataset for Phishing and Social Engineering Threat Detection [Data set]. Zenodo. DOI:10.5281/zenodo.15235123

According to surveys of working adults and IT professionals conducted in 2023, almost ***** in ** respondents reported having encountered vishing attacks. This represents a slight decrease from ** percent in the year prior. Vishing attacks are a type of social engineering attacks performed over phone calls or voice messages for phishing.

Social Engineering Detection AI Market Outlook

According to our latest research, the global Social Engineering Detection AI market size reached USD 1.52 billion in 2024, with a robust compound annual growth rate (CAGR) of 27.8% expected through the forecast period. By 2033, the market is anticipated to attain a value of USD 13.27 billion, driven by the escalating sophistication of cyberattacks and the growing necessity for advanced security solutions. This remarkable growth is underpinned by the proliferation of digital transformation initiatives, increased adoption of AI-driven security technologies, and heightened awareness among organizations regarding the risks posed by social engineering threats.

A key growth factor propelling the Social Engineering Detection AI market is the exponential rise in cybercrime, particularly those involving social engineering tactics such as phishing, pretexting, and baiting. As digital infrastructures become more complex and interconnected, the attack surface for threat actors expands, making traditional security measures insufficient. Organizations are increasingly leveraging AI-powered detection tools to identify and neutralize deceptive schemes before they compromise sensitive data or disrupt operations. The integration of machine learning algorithms enables these solutions to analyze vast volumes of behavioral and contextual data, allowing for real-time identification of anomalous activities and suspicious communication patterns. This advanced capability is crucial in combating the ever-evolving tactics employed by cybercriminals.

Another significant driver is the regulatory environment, which is becoming progressively stringent across various sectors. Governments and industry bodies worldwide are mandating stricter compliance standards for data protection and cybersecurity. Regulations such as the General Data Protection Regulation (GDPR) in Europe and the California Consumer Privacy Act (CCPA) in the United States have compelled organizations to invest in advanced security frameworks, including AI-based social engineering detection systems. These regulatory pressures, combined with the reputational and financial risks associated with security breaches, are accelerating the adoption of proactive threat detection technologies. As organizations strive to meet compliance requirements and safeguard their digital assets, the demand for sophisticated AI-driven solutions continues to surge.

The rapid advancement and democratization of AI technologies also play a pivotal role in market expansion. Enhanced computational capabilities, the availability of large datasets, and the evolution of natural language processing (NLP) are enabling more accurate and adaptive detection mechanisms. Vendors are increasingly embedding AI-powered features into their security offerings, providing organizations with tools that can dynamically learn and adapt to new threat vectors. This trend is particularly pronounced among enterprises undergoing digital transformation, as they seek scalable, automated solutions to protect their expanding digital footprints. The combination of technological innovation and heightened threat awareness is setting the stage for sustained market growth over the next decade.

From a regional perspective, North America currently dominates the Social Engineering Detection AI market, accounting for the largest share in 2024. This leadership is attributed to the high concentration of technology-driven enterprises, significant investments in cybersecurity infrastructure, and a mature regulatory landscape. Europe follows closely, benefiting from strong data privacy laws and increasing adoption of digital security solutions across industries. Meanwhile, the Asia Pacific region is emerging as a high-growth market, fueled by rapid digitalization, expanding internet penetration, and rising incidences of sophisticated cyber threats. As organizations across all regions recognize the strategic importance of AI-driven social engineering detection, the global market is poised for continued expansion and innovation.

Email Security AI is becoming an indispensable tool in the fight against social engineering attacks, particularly as email remains a primary vector for such threats. With the increasing sophistication of phishing schemes and the rise of business emai

In today's digitally-driven world, the Social Engineering Attack Defense Solution market is rapidly emerging as a vital component of cybersecurity strategies across various industries. Social engineering attacks, which exploit human psychology rather than technical vulnerabilities, have become increasingly sophistic

Social Engineering Attack Scenarios collected from various sources : News papers, Government advisories, Police education materials and interviews.

Social Engineering Detection AI Market Outlook

According to our latest research, the global Social Engineering Detection AI market size reached USD 1.42 billion in 2024. With a robust growth trajectory, the market is expected to expand at a CAGR of 29.4% during the forecast period, culminating in a projected market size of USD 12.32 billion by 2033. This remarkable growth is primarily fueled by the escalating sophistication of cyber threats, increased adoption of AI-driven security solutions, and the growing necessity for organizations to protect sensitive data against social engineering attacks.

The rapid evolution of cyber threats, particularly those leveraging human vulnerabilities through social engineering, stands as a critical driver for the Social Engineering Detection AI market. Organizations are witnessing a surge in phishing, pretexting, baiting, and other manipulation-based attacks that traditional security tools often fail to detect. The increasing frequency and complexity of these attacks have underscored the limitations of conventional security measures, prompting enterprises to invest in more advanced, AI-powered detection solutions. These AI systems employ machine learning, natural language processing, and behavioral analytics to proactively identify and mitigate social engineering threats, thereby reducing the risk of costly data breaches and reputational damage.

Another significant growth factor is the heightened regulatory pressure across industries to bolster cyber defense mechanisms. Governments and regulatory bodies worldwide are imposing stricter compliance requirements on data protection and privacy, compelling organizations to adopt state-of-the-art security technologies. The integration of AI into social engineering detection not only helps meet these regulatory standards but also provides a competitive edge by enhancing incident response capabilities. Furthermore, the proliferation of remote work and digital transformation initiatives has expanded the attack surface for cybercriminals, making AI-driven detection solutions indispensable for safeguarding distributed workforces and digital assets.

The market's expansion is further propelled by the increasing awareness among enterprises about the financial and operational repercussions of social engineering attacks. High-profile security breaches and their associated costs have made cybersecurity a board-level concern, leading to greater budget allocations for advanced detection technologies. AI-powered social engineering detection solutions are gaining traction due to their ability to learn from evolving attack patterns, automate threat identification, and deliver real-time alerts, thereby minimizing the window of vulnerability. As organizations continue to digitize their operations, the demand for scalable, intelligent, and adaptive security solutions is expected to rise sharply, driving sustained growth in the Social Engineering Detection AI market.

Regionally, North America dominates the market, accounting for the largest share in 2024, primarily due to the high concentration of technology-driven enterprises, stringent regulatory frameworks, and the presence of leading AI solution providers. However, Asia Pacific is emerging as the fastest-growing region, propelled by rapid digitalization, increasing cybercrime incidents, and rising investments in cybersecurity infrastructure. Europe, Latin America, and the Middle East & Africa are also witnessing steady adoption, with governments and enterprises ramping up efforts to counteract the growing menace of social engineering attacks. This regional diversification reflects the universal recognition of social engineering threats and the global shift towards AI-enabled security solutions.

Component Analysis

The Social Engineering Detection AI market is segmented by component into Software, Hardware, and Services. The software segment holds the lion’s share of the market, largely driven by the demand for robust, scalable, and easily deployable AI-powered security platforms. These software solutions leverage advanced algorithms to analyze vast amounts of data, detect anomalies, and identify potential social engineering threats in real-time. The flexibility and integration capabilities of software solutions make them an attractive choice for organizations of all sizes, especially as cybercriminals continuously adapt their tactics. Furthermore, the rise of SaaS-based security offer

Phishing Message Dataset (1000 Samples)

This dataset comprises 1,000 phishing messages, categorized based on NLP-based deception techniques commonly used in social engineering attacks.

Phishing Categories:

Urgency – Messages that create a sense of immediate action.
Authority – Messages impersonating trusted figures or organizations.
Persuasion – Messages using manipulative language to convince the recipient.

Dataset Structure:

Each record contains the following fields:
- text – The phishing message (email or SMS).
- category – The type of phishing attack (urgency, authority, persuasion).
- label – A classification label ("phishing") for machine learning tasks.

Potential Applications:

Natural Language Processing (NLP) – Analyze linguistic patterns in phishing messages.
Cybersecurity Research – Identify deceptive techniques used in phishing attacks.
Phishing Detection Models – Train AI models to classify and detect phishing messages.
AI-driven Threat Analysis – Improve automated cybersecurity threat detection.

This dataset serves as a valuable resource for developing AI-powered solutions in cybersecurity and NLP-based phishing detection.

This dataset provides a comprehensive classification and analysis of modern attack types in cyberspace, detailing various categories of cyber threats, their methods of execution, targeted assets, real-world impact, and mitigation strategies. The primary focus is on prevalent attack vectors that have been widely exploited in recent years, capturing the evolving nature of cyber threats and how they are leveraged by cybercriminals, nation-state actors, and even insiders to compromise systems, steal data, or disrupt operations.

The dataset is structured to categorize cyber attacks across several key dimensions, including Attack Type, Category, Subcategory, and Attack Method. Each attack is classified into specific categories such as Malware, Social Engineering, Exploit Attacks, Interception Attacks, and Advanced Threats. For each attack type, the dataset outlines the specific techniques used by attackers, such as phishing, ransomware, SQL injection, and DDoS attacks, offering insights into the various tools and tactics commonly used in these malicious campaigns. The impact of each attack is also explored, highlighting how different industries and sectors, including individuals, organizations, governments, and critical infrastructures, are affected by these threats.

Key columns in the dataset include details on the Targeted Assets—whether the attack targets systems, networks, databases, or user credentials—and the Impact, which ranges from data breaches and financial loss to system compromise and operational downtime. Additionally, mitigation strategies and prevention measures are included for each attack type, emphasizing the importance of proactive defense mechanisms such as encryption, multi-factor authentication, network monitoring, and regular software patching.

Moreover, the dataset identifies whether each attack type has been commonly used in the last five years, providing valuable insights into the shifting landscape of cyber threats. The Likelihood column helps classify the frequency of these attacks (e.g., high, medium, low), while the Skill Level of Attacker ranges from low to high, offering a measure of the expertise required to execute the attacks. The Compliance Impact column highlights the potential regulatory and compliance concerns triggered by data breaches, particularly for organizations governed by standards such as GDPR, HIPAA, and PCI-DSS.

Real-world examples are included to illustrate the occurrence of these attacks, tying specific incidents to notable data breaches and cyber events. For instance, ransomware attacks are exemplified by high-profile incidents like the WannaCry outbreak and the NotPetya attack, which caused widespread disruption across various sectors globally. Similarly, Advanced Persistent Threats (APT) such as the SolarWinds hack and the Stuxnet worm are analyzed to demonstrate the sophistication and long-term nature of state-sponsored cyber espionage campaigns.

In sum, this dataset serves as a critical resource for cybersecurity professionals, researchers, and organizations seeking to understand, mitigate, and defend against a broad spectrum of modern cyber threats. It offers a structured and detailed overview of attack types, their implications for businesses and individuals, and actionable insights for building more resilient cybersecurity strategies.

In 2023, software/API vulnerabilities accounted for 38.6 percent of initial access vectors in cyberattacks, up by around 10 percent compared to 28.2 percent in 2022. Previously compromised credentials represented 20.5 percent of attacks, while social engineering and phishing were responsible for 17 percent of cyberattacks in the examined year.

The Social Engineering Penetration Testing market plays a crucial role in today's cybersecurity landscape, where organizations increasingly recognize the significance of human factors in their security protocols. Social engineering attacks exploit psychological manipulation to trick individuals into divulging confid

Cyber Attack in Telecom Sector Market size was valued at USD 5.2 Billion in 2024 and is projected to reach USD 12.8 Billion by 2032, growing at a CAGR of 11.9% during the forecast period 2026-2032.Cyber attackers are exploiting the exponential growth in data traffic caused by smartphones and linked gadgets, necessitating tighter cybersecurity measures in telecom networks.

📘 Dataset Overview

The dataset records real-world data breach incidents across multiple years and sectors, capturing key information about how and when companies experienced data losses.

🧩 Dataset Characteristics

• Total Records:** 4,926
• Total Columns:** 5

• Data Types:**

  • 3 categorical (organisation, sector, method)
  • 2 numerical (year, records_lost)

• Years Covered: Multiple years up to at least 2023

• No missing values, making it clean and ready for analysis.

📊 Possible Uses

1. Trend Analysis: Track how data breaches evolve over years—see which years had the highest number of incidents or largest record losses.
2. Sector Vulnerability Study: Identify which sectors (like Finance or Technology) are most frequently targeted or have the largest breaches.
3. Attack Pattern Insights: Compare breach causes (e.g., Malware vs. Social Engineering) across industries.
4. Predictive Modeling: Use ML models to predict the severity of future breaches (records lost) based on sector, method, and year.

⚠️ Notes

• records_lost values vary widely; consider using log scaling for better visualization.
• method might include overlapping or similar attack types—can be standardized (e.g., “Hacking” vs “Cyber Attack”).
• As with all breach datasets, ensure ethical handling and do not use for targeting real entities.

📧 What is This Dataset?

This dataset contains 4,211 synthetic Business Email Compromise (BEC) phishing emails designed to test the adversarial robustness of email security classifiers.

Unlike traditional phishing datasets, 30% of these emails employ adversarial obfuscation techniques that attackers actively use to evade AI-powered detection systems.

🎯 Why This Matters

Modern email security relies heavily on ML classifiers. However, sophisticated attackers use:

• Homoglyph attacks: Replacing Latin characters with visually identical Cyrillic characters (o → о)
• Zero-width injection: Inserting invisible Unicode characters to break keyword patterns (b‌a‌n‌k appears as bank but breaks tokenization)

These techniques can reduce detection rates by 40-60% in production systems.

🔬 Generation Method

Model: Google Gemini 2.5 Flash
Approach: Multi-dimensional prompt engineering with:

• 30+ Realistic Scenarios: Invoice fraud, wire transfer requests, credential harvesting, CEO impersonation, supply chain attacks, QR code phishing ("quishing")
• 13 Tone Profiles: Panic, authority, casual, bureaucratic, passive-aggressive, mobile/sloppy, legalistic
• Identity Realism: Faker library for names, companies, job titles, financial amounts

Adversarial Poisoning: - Random selection of 30% of fraud emails - Applied homoglyph substitution (20% of eligible characters) - Injected zero-width spaces into 24 high-confidence keywords - Preserved readability while breaking tokenization

📊 Dataset Statistics

💡 Use Cases

✅ Adversarial Robustness Testing - Evaluate if your phishing detector can handle obfuscated text
✅ Zero-Day Attack Simulation - Train models on techniques seen in real-world attacks
✅ Tokenizer Stress Testing - Test how BERT/GPT handle Cyrillic homoglyphs
✅ Social Engineering Research - Analyze linguistic patterns in BEC attacks
✅ Red Team Operations - Understand attacker obfuscation methods
✅ Defense Research - Build detectors resilient to adversarial manipulation

⚠️ Ethical Use Notice

This dataset is for defensive security research only.

• Do not use these techniques for malicious purposes
• Always obtain authorization before testing on production systems
• Follow responsible disclosure practices

🎓 Citation

If you use this dataset in research or production, please cite: ``` Adjei, Y.O. (2025). Adversarial BEC Email Dataset: 4,211 Synthetic Emails with Obfuscation Techniques. Kaggle.

```

FILE INFORMATION

File 1: synthetic_bec.csv

Description: ``` Original clean dataset of 4,211 synthetic BEC phishing emails generated using Gemini 2.5 Flash. This file contains the baseline emails before adversarial obfuscation was applied. Use this file if you want to:

• Train baseline phishing classifiers
• Compare performance against adversarially modified versions
• Study natural BEC email patterns without obfuscation

All emails are labeled as fraud (label=1) and include realistic metadata (names, companies, job titles, financial amounts) generated via the Faker library. ```

File 2: synthetic_emails_poisoned.csv

Description: ``` Adversarially modified version of the dataset. Approximately 30% of emails (~1,263 samples) have been obfuscated using:

1. HOMOGLYPH SUBSTITUTION: Latin characters replaced with Cyrillic lookalikes (e.g., 'a'→'а', 'o'→'о')
2. ZERO-WIDTH INJECTION: Invisible Unicode characters (U+200B, U+200C, U+200D) inserted into 24 target keywords

These modifications: - Break character-level tokenizers (BERT WordPiece, GPT BPE) - Evade keyword-based detection systems - Remain visually identical to humans - Preserve semantic meaning

Use this file to test the adversarial robustness of your models. ```

COLUMN DESCRIPTORS

For Both Files (Same Schema):

Security Awareness Training Market Outlook 2025-2034

The global security awareness training market was valued at $6.8 billion in 2025 and is projected to reach $21.4 billion by 2034, expanding at a compound annual growth rate (CAGR) of 13.6% over the forecast period 2026 to 2034, driven by an unprecedented surge in cyber threats, regulatory compliance pressures, and the broad adoption of cloud-based learning platforms across industries worldwide.

The explosive growth trajectory of the security awareness training market is deeply rooted in the escalating frequency and sophistication of cyberattacks targeting human vulnerabilities rather than technical infrastructure. According to industry data, more than 85% of data breaches in 2025 involved a human element, including phishing, social engineering, and credential theft. This staggering statistic has compelled organizations of all sizes to invest substantially in continuous, behavior-focused employee security education programs. The convergence of regulatory requirements such as the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI DSS), and a growing array of national cybersecurity mandates has further institutionalized security awareness training as a non-negotiable compliance function. In 2025, enterprises globally lost an estimated $4.88 million on average per data breach, a figure that provides an overwhelming financial justification for proactive training investments. The proliferation of remote and hybrid work models has dramatically expanded organizational attack surfaces, making endpoint user behavior a critical security variable. Cloud-based training platforms now leverage adaptive learning algorithms, gamification, and real-time phishing simulations to deliver personalized, engaging training experiences, dramatically improving knowledge retention and measurable behavioral change versus legacy, static e-learning modules. Small and medium enterprises (SMEs), historically underserved by legacy security vendors, are increasingly adopting affordable, SaaS-based training solutions, adding a vast new addressable customer base to the market. In parallel, advanced threat intelligence integration into training content ensures that curricula remain dynamically aligned with the latest threat vectors, including business email compromise (BEC), deepfake social engineering, and AI-generated spear phishing attacks. The market is also witnessing significant demand from the public sector, healthcare institutions, and critical infrastructure operators responding to government-led cybersecurity frameworks and mandates. As artificial intelligence and machine learning are embedded deeper into training platforms, providers are delivering hyper-personalized learning paths, risk-scored employ