During the fourth quarter of 2024, nearly 23 percent of phishing attacks worldwide targeted social media. Web-based software services and webmail were targeted by over 23 percent of registered phishing attacks. Furthermore, financial institutions accounted for 12 percent of attacks.

In 2023, 21,489 individuals in the United States reported encountering business e-mail compromise (BEC) scams. This figure has slightly increased in the last three years, with 19,954 reported victims in 2021 and, 21,832 in 2022.

Introduction

Phishing Statistics: Phishing is a kind of cyberattack in which criminals try to fool people into sharing personal information such as passwords or credit card numbers, often by pretending to be a trusted company or person through fake emails, websites, or messages. Phishing has become more common as many people use the Internet for banking, shopping, and communication.

In 2024, phishing attacks are a major threat to both individuals and businesses. Criminals are using more advanced techniques, and these attacks are costing billions of dollars globally. People need to stay aware and cautious online to avoid falling victim to these scams.

The dataset 1 contains the age, qualification level, their awareness about phishing and if they became victim to phishing. The dataset 1 contains the result to detection rate before awareness and briefing of phishing after a successful spear phishing.

The dataset 2 contains the age, qualification level, their awareness about phishing and if they became victim to phishing. The dataset 2 contains the result to detection rate after awareness and briefing of phishing after a successful smishing.

These data consist of a collection of legitimate as well as phishing website instances. Each website is represented by the set of features which denote, whether website is legitimate or not. Data can serve as an input for machine learning process.

In this repository the two variants of the Phishing Dataset are presented.

Full variant - dataset_full.csv Short description of the full variant dataset: Total number of instances: 88,647 Number of legitimate website instances (labeled as 0): 58,000 Number of phishing website instances (labeled as 1): 30,647 Total number of features: 111

Small variant - dataset_small.csv Short description of the small variant dataset: Total number of instances: 58,645 Number of legitimate website instances (labeled as 0): 27,998 Number of phishing website instances (labeled as 1): 30,647 Total number of features: 111

1) Data Introduction • The Email Phishing Dataset is designed for phishing email detection using machine learning.

2) Data Utilization (1) Email Phishing Dataset has characteristics that: • All emails were refined and subjected to a custom NLP feature extraction pipeline focused on phishing metrics. • This dataset contains no raw text or headers, only features engineered for model training/testing. (2) Email Phishing Dataset can be used to: • Developing an email detection model: It can be used to train and evaluate AI models that classify normal mail and phishing mail using various characteristics such as email body, subject, and sender. • E-mail security policy and threat analysis research: Analyzing real phishing cases and normal email data to derive the characteristics of phishing attacks, and use them to establish effective email security policies and develop threat response strategies.

Phishing Protection Market Outlook

The global phishing protection market size was valued at approximately USD 900 million in 2023 and is projected to reach USD 2.4 billion by 2032, growing at a compound annual growth rate (CAGR) of 11.5% from 2024 to 2032. The growth of this market is fueled by the escalating volume and sophistication of phishing attacks, coupled with increasing awareness about cybersecurity among organizations across various industries.

One of the significant growth factors driving the phishing protection market is the increasing number of cyberattacks targeting both individuals and organizations. Phishing attacks have become more sophisticated, making it crucial for businesses to invest in advanced protection measures. The rise in spear-phishing, where attackers target specific individuals within an organization, has heightened the need for robust phishing protection solutions. Moreover, the financial and reputational damage caused by successful phishing attacks is pushing organizations to adopt comprehensive security solutions, thereby driving market growth.

Another critical factor contributing to the market's expansion is the growing regulatory landscape around data protection and cybersecurity. Governments and regulatory bodies across the globe are implementing stringent regulations to ensure data security and protect consumer information. Compliance with regulations such as GDPR in Europe, CCPA in California, and other data protection laws worldwide necessitates the deployment of advanced phishing protection solutions. Organizations must adhere to these regulations to avoid hefty fines and legal repercussions, further propelling the adoption of phishing protection services and software.

The increasing adoption of digital transformation strategies by enterprises is also a significant driver of market growth. As businesses migrate their operations to cloud platforms and adopt new technologies, they become more vulnerable to cyber threats, including phishing attacks. The shift towards remote work and the integration of Bring Your Own Device (BYOD) policies have expanded the attack surface for cybercriminals. Consequently, organizations are prioritizing investments in phishing protection solutions to safeguard their digital assets and maintain business continuity in a highly digitized environment.

In addition to phishing attacks, organizations are increasingly facing threats from credential stuffing, a type of cyberattack where attackers use automated tools to try multiple username and password combinations to gain unauthorized access to user accounts. This has led to a growing demand for Credential Stuffing Protection solutions, which are designed to detect and block such attempts. These solutions often employ advanced techniques such as behavioral analytics and machine learning to identify suspicious login activities and prevent unauthorized access. As businesses continue to digitize their operations and store sensitive data online, the need for robust Credential Stuffing Protection measures becomes even more critical. By implementing these solutions, organizations can safeguard their user accounts and maintain trust with their customers.

Regionally, North America is anticipated to dominate the phishing protection market during the forecast period, owing to the high incidence of cyberattacks and the presence of leading cybersecurity companies. Europe is also expected to witness significant growth, driven by stringent data protection regulations and increasing cyber threats. The Asia Pacific region is projected to exhibit the highest CAGR, fueled by rapid digitalization, increasing internet penetration, and growing awareness about cybersecurity threats. Latin America, the Middle East, and Africa are also expected to contribute to the market's growth, albeit at a slower pace compared to other regions.

Component Analysis

The phishing protection market is segmented by components into software and services. The software segment is expected to hold a significant share of the market, as organizations increasingly rely on advanced software solutions to detect and prevent phishing attacks. Software solutions typically include email filtering, URL filtering, and anti-phishing tools that help identify and block malicious content. Moreover, the continuous advancements in machine learning and artificial intelligence are enhancing the capabilities of phishing protection software, making them more effective in ide

IntroductionThe dynamic and sophisticated nature of phishing attacks, coupled with the relatively weak anti-phishing tools, has made phishing detection a pressing challenge. In light of this, new gaps have emerged in phishing detection, including the challenges and pitfalls of existing phishing detection techniques. To bridge these gaps, this study aims to develop a more robust, effective, sophisticated, and reliable solution for phishing detection through the optimal feature vectorization algorithm (OFVA) and supervised machine learning (SML) classifiers.MethodsInitially, the OFVA was utilized to extract the 41 optimal intra-URL features from a novel large dataset comprising 2,74,446 raw URLs (134,500 phishing and 139,946 legitimate URLs). Subsequently, data cleansing, curation, and dimensionality reduction were performed to remove outliers, handle missing values, and exclude less predictive features. To identify the optimal model, the study evaluated and compared 15 SML algorithms arising from different machine learning (ML) families, including Bayesian, nearest-neighbors, decision trees, neural networks, quadratic discriminant analysis, logistic regression, bagging, boosting, random forests, and ensembles. The evaluation was performed based on various metrics such as confusion matrix, accuracy, precision, recall, F-1 score, ROC curve, and precision-recall curve analysis. Furthermore, hyperparameter tuning (using Grid-search) and k-fold cross-validation were performed to optimize the detection accuracy.Results and discussionThe findings indicate that random forests (RF) outperformed the other classifiers, achieving a greater accuracy rate of 97.52%, followed by 97.50% precision, and an AUC value of 97%. Finally, a more robust and lightweight anti-phishing model was introduced, which can serve as an effective tool for security experts, practitioners, and policymakers to combat phishing attacks.

the scenarios tested were run on the small_dataset. The most successful configuration that was selected as a result of the analysis on small_dataset was applied to big_dataset.

The spear phishing market is experiencing robust growth, driven by the increasing sophistication of cyberattacks and the expanding digital landscape. While precise market sizing data is unavailable, considering the substantial investments in cybersecurity and the consistent rise in reported phishing incidents, a reasonable estimate for the 2025 market size would be in the range of $5-7 billion. This figure reflects the rising costs associated with data breaches, regulatory fines, and the increasing demand for advanced threat detection and response solutions. A Compound Annual Growth Rate (CAGR) of 12-15% over the forecast period (2025-2033) is plausible, considering ongoing technological advancements in spear phishing techniques and the corresponding need for robust countermeasures. Key drivers include the growth of remote work, increasing reliance on cloud services, and the evolving tactics employed by cybercriminals to target specific individuals and organizations. Trends point towards a greater focus on artificial intelligence (AI) and machine learning (ML) in threat detection, as well as a shift towards proactive security measures and employee training programs to mitigate the impact of spear phishing attacks. However, restraints include the ever-evolving nature of spear phishing techniques, the persistent skills gap in cybersecurity professionals, and the potential for false positives in automated detection systems. Segmentation within the market is likely to exist based on solution type (e.g., email security, security awareness training), deployment model (cloud, on-premises), and target industry (financial services, healthcare, government). Companies like BAE Systems, Check Point Software Technologies, Cisco Systems, and Proofpoint are key players actively innovating and competing within this dynamic market. The significant market expansion is further fueled by the high financial stakes involved in successful spear phishing campaigns. The impact of successful attacks, including data breaches, financial losses, and reputational damage, encourages organizations to invest heavily in comprehensive security solutions. The proliferation of sophisticated spear phishing techniques, such as personalized phishing emails and the use of social engineering, necessitates advanced detection and prevention technologies. The market's competitive landscape is characterized by both established cybersecurity vendors and emerging players who are constantly developing new solutions to combat the threat of spear phishing. The competitive dynamics will likely lead to further innovation and drive market growth in the coming years, enhancing the overall sophistication of spear phishing detection and prevention solutions.

A partial dataset and document-term matrix of phishing emails targeting an institution of higher education and an associated script used for data analysis.

data-phishing-detection

A dataset to test methods to detect phishing emails The file data.parquet contains the dataset, 400 emails. 200 are synthetic phishing attempts and 200 are synthetic regular emails.

  Schema

input - an email, synthesized by an LLM, that is either a phishing attempt or a regular email. output - 'Yes' if the email is a phishing attempt, 'No' otherwise.

  Prompt

The prompt.md file contains a prompt that can be used with an LLM as a starting… See the full description on the dataset page: https://huggingface.co/datasets/RevaHQ/data-phishing-detection.

Problem Statement

👉 Download the case studies here

Organizations face an increasing number of sophisticated cybersecurity threats, including malware, phishing attacks, and unauthorized access. A financial institution experienced frequent attempts to breach its network, risking sensitive data and regulatory compliance. Traditional security measures were reactive and failed to detect threats in real time. The institution sought a proactive AI-driven solution to identify and prevent cybersecurity threats effectively.

Challenge

Developing an advanced threat detection system required addressing several challenges:

Processing and analyzing large volumes of network traffic and user activity data in real time.

Identifying new and evolving threats, such as zero-day vulnerabilities, with high accuracy.

Minimizing false positives to ensure security teams could focus on genuine threats.

Solution Provided

An AI-powered threat detection system was developed using machine learning algorithms and advanced analytics. The solution was designed to:

Continuously monitor network activity and user behavior to identify suspicious patterns.

Detect and neutralize cybersecurity threats in real time, including malware and phishing attempts.

Provide actionable insights to security teams for faster and more effective threat response.

Development Steps

Data Collection

Collected network traffic logs, endpoint activity, and historical threat data to train machine learning models.

Preprocessing

Cleaned and standardized data, ensuring compatibility across diverse sources, and filtered out noise for accurate analysis.

Model Development

Developed machine learning algorithms for anomaly detection, behavioral analysis, and threat classification. Trained models on labeled datasets to recognize known threats and identify emerging attack patterns.

Validation

Tested the system against simulated and real-world threat scenarios to evaluate detection accuracy, response times, and reliability.

Deployment

Integrated the threat detection system into the institution’s existing cybersecurity infrastructure, including firewalls, SIEM (Security Information and Event Management) tools, and endpoint protection

Continuous Monitoring & Improvement

Established a feedback loop to refine models using new threat data and adapt to evolving attack strategies.

Results

Enhanced Security Posture

The system improved the institution’s ability to detect and prevent cybersecurity threats proactively, strengthening its overall security framework.

Reduced Incidence of Cyber Attacks

Real-time detection and response significantly reduced the frequency and impact of successful cyber attacks.

Improved Threat Response Times

Automated threat identification and prioritization enabled security teams to respond faster and more effectively to potential breaches.

Minimized False Positives

Advanced algorithms reduced false alarms, allowing security teams to focus on genuine threats and improve efficiency.

Scalable and Adaptive Solution

The system adapted to new threats and scaled effortlessly to protect growing organizational networks and data.

The provided dataset includes 11430 URLs with 87 extracted features. The dataset are designed to be used as a a benchmark for machine learning based phishing detection systems. Features are from three different classes: 56 extracted from the structure and syntax of URLs, 24 extracted from the content of their correspondent pages and 7 are extracetd by querying external services. The datatset is balanced, it containes exactly 50% phishing and 50% legitimate URLs. Associated to the dataset, we provide Python scripts used for the extraction of the features for potential replication or extension. Datasets are constructed on May 2020.

dataset_A: contains a list a URLs together with their DOM tree objects that can be used for replication and experimenting new URL and content-based features overtaking short-time living of phishing web pages.

dataset_B: containes the extracted feature values that can be used directly as inupt to classifiers for examination. Note that the data in this dataset are indexed with URLs so that one need to remove the index before experimentation.

Spear Phishing Protection Market Outlook

The global spear phishing protection market size was valued at approximately USD 1.1 billion in 2023 and is projected to reach around USD 3.5 billion by 2032, with a robust compound annual growth rate (CAGR) of 13.5% during the forecast period. This significant growth in market size is primarily driven by the increasing sophistication of cyber threats, particularly spear phishing attacks, which have become a major concern for organizations worldwide. As businesses continue to digitize operations and store sensitive information online, there is an urgent need to implement advanced protection mechanisms to safeguard against cyber threats. This heightened awareness and the necessity for robust security solutions act as growth catalysts for the spear phishing protection market.

One of the primary growth factors of the spear phishing protection market is the rising number of targeted phishing attacks. In recent years, these types of threats have evolved considerably, becoming more personalized and difficult to detect. This has led to increased demand for sophisticated security solutions that can identify and mitigate these threats effectively. Organizations are investing in technologies such as machine learning and artificial intelligence to enhance their spear phishing protection capabilities. These technologies enable the development of intelligent systems capable of analyzing vast amounts of data to detect anomalies and potential threats, providing a proactive approach to cybersecurity.

Another significant driver for market growth is the stringent regulatory landscape surrounding data protection and information security. Governments and regulatory bodies across the globe are instituting strict compliance requirements to protect sensitive data and maintain consumer trust. This regulatory pressure compels organizations to adopt comprehensive spear phishing protection solutions. Compliance with regulations such as the General Data Protection Regulation (GDPR) in Europe and the California Consumer Privacy Act (CCPA) in the United States not only helps organizations avoid hefty penalties but also fortifies their defenses against cyber threats. This adherence to regulations is a critical factor contributing to the expansion of the spear phishing protection market.

The increase in remote working practices, fueled by the COVID-19 pandemic, has further underscored the necessity for robust spear phishing protection solutions. With employees accessing corporate systems from various locations, often using personal devices, the risk of phishing attacks has amplified. Organizations are now focusing on strengthening their security infrastructures to protect remote access points and ensure that their employees are educated about the importance of cybersecurity. This shift in the working environment has accelerated the demand for cloud-based spear phishing protection solutions, providing flexibility and scalability to meet diverse organizational needs.

Regionally, North America holds a significant share of the spear phishing protection market, owing to the high adoption of advanced technologies and the presence of major cybersecurity vendors in the region. The well-established IT infrastructure in North America supports the implementation of cutting-edge spear phishing protection solutions. Additionally, the Asia Pacific region is expected to witness substantial growth during the forecast period, driven by rapid digital transformation and increasing cyber threats. Countries like China and India are experiencing a surge in cyberattacks, prompting governments and enterprises to invest heavily in cybersecurity measures.

Component Analysis

The spear phishing protection market is segmented into two primary components: solutions and services. Solutions consist of various software applications designed to detect, prevent, and mitigate spear phishing attacks. These solutions are critical in identifying phishing emails, isolating malicious links, and protecting sensitive data. The growing complexity of spear phishing attacks necessitates continuous updates and improvements to these solutions, as cybercriminals constantly adapt their tactics to bypass security measures. As a result, there is a steady demand for innovative and adaptive solutions that can efficiently address the evolving threat landscape.

Services, on the other hand, encompass a range of support activities that enhance the effectiveness of spear phishing protection solutions. These services include consulting, training, and maintenance, which are essential for organizations to optimize t

PhiUSIIL Phishing URL Dataset is a substantial dataset comprising 134,850 legitimate and 100,945 phishing URLs. Most of the URLs we analyzed while constructing the dataset are the latest URLs. Features are extracted from the source code of the webpage and URL. Features such as CharContinuationRate, URLTitleMatchScore, URLCharProb, and TLDLegitimateProb are derived from existing features.

Citation: Prasad, A., & Chandra, S. (2023). PhiUSIIL: A diverse security profile empowered phishing URL detection framework based on similarity index and incremental learning. Computers & Security, 103545. doi: https://doi.org/10.1016/j.cose.2023.103545

Analysis of ‘Phishing Dataset for Machine Learning’ provided by Analyst-2 (analyst-2.ai), based on source dataset retrieved from https://www.kaggle.com/shashwatwork/phishing-dataset-for-machine-learning on 28 January 2022.

--- Dataset description provided by original source is as follows ---

Context

Anti-phishing refers to efforts to block phishing attacks. Phishing is a kind of cybercrime where attackers pose as known or trusted entities and contact individuals through email, text or telephone and ask them to share sensitive information. Typically, in a phishing email attack, and the message will suggest that there is a problem with an invoice, that there has been suspicious activity on an account, or that the user must login to verify an account or password. Users may also be prompted to enter credit card information or bank account details as well as other sensitive data. Once this information is collected, attackers may use it to access accounts, steal data and identities, and download malware onto the user’s computer.

Content

This dataset contains 48 features extracted from 5000 phishing webpages and 5000 legitimate webpages, which were downloaded from January to May 2015 and from May to June 2017. An improved feature extraction technique is employed by leveraging the browser automation framework (i.e., Selenium WebDriver), which is more precise and robust compared to the parsing approach based on regular expressions.

Anti-phishing researchers and experts may find this dataset useful for phishing features analysis, conducting rapid proof of concept experiments or benchmarking phishing classification models.

Acknowledgements

Tan, Choon Lin (2018), “Phishing Dataset for Machine Learning: Feature Evaluation”, Mendeley Data, V1, doi: 10.17632/h3cgnj8hft.1 Source of the Dataset.

--- Original source retains full ownership of the source dataset ---

Phishing Simulation Market Outlook

According to our latest research, the global phishing simulation market size reached USD 1.38 billion in 2024, and is expected to grow at a robust Compound Annual Growth Rate (CAGR) of 13.9% during the forecast period, reaching USD 4.19 billion by 2033. This remarkable growth is primarily driven by the increasing sophistication of phishing attacks, the rising awareness among organizations regarding cybersecurity threats, and the growing emphasis on employee security training. As organizations continue to digitize their operations and remote work becomes more prevalent, the need for advanced phishing simulation solutions has never been greater. The demand for comprehensive security awareness programs is further fueling market expansion, as enterprises seek to minimize the risk of data breaches and financial losses associated with phishing.

One of the most significant growth factors propelling the phishing simulation market is the increasing frequency and complexity of phishing attacks targeting organizations of all sizes. Cybercriminals are leveraging advanced tactics such as spear phishing, business email compromise, and social engineering to bypass traditional security defenses. In response, organizations are adopting phishing simulation tools to proactively test and train their employees, identifying vulnerabilities before they can be exploited. The integration of artificial intelligence and machine learning in phishing simulation platforms is further enhancing their effectiveness, enabling real-time threat detection and personalized training modules. As a result, companies are able to significantly reduce the likelihood of successful phishing attempts, which translates into substantial cost savings and improved organizational resilience.

Another crucial driver for the phishing simulation market is the increasing regulatory pressure on organizations to comply with data protection and cybersecurity standards. Regulations such as the General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), and other regional data security mandates require organizations to implement robust security awareness training programs. Phishing simulation solutions play a vital role in fulfilling these compliance requirements by providing measurable and auditable training outcomes. The growing emphasis on risk management and the need to demonstrate due diligence to regulators and stakeholders are prompting organizations across sectors such as BFSI, healthcare, and government to invest heavily in phishing simulation platforms, thereby boosting market growth.

The rapid adoption of cloud-based technologies and the proliferation of remote and hybrid work environments have also contributed significantly to the expansion of the phishing simulation market. As employees access corporate resources from various locations and devices, the attack surface for cybercriminals expands dramatically. Organizations are increasingly leveraging cloud-based phishing simulation solutions to ensure consistent training and threat assessment across distributed workforces. These platforms offer scalability, ease of deployment, and integration with existing security infrastructures, making them highly attractive to enterprises of all sizes. Furthermore, the evolution of phishing simulation tools to address mobile and social engineering threats is expanding their applicability, ensuring that organizations remain protected in an ever-changing digital landscape.

From a regional perspective, North America continues to dominate the phishing simulation market, accounting for the largest share in 2024, followed by Europe and the Asia Pacific region. The strong presence of leading cybersecurity vendors, high adoption rates of advanced security solutions, and stringent regulatory frameworks are key factors contributing to North America’s leadership. Europe is experiencing steady growth, driven by increasing investments in cybersecurity infrastructure and compliance with data protection regulations. Meanwhile, the Asia Pacific region is witnessing the fastest growth, fueled by rapid digital transformation, rising cyber threats, and an expanding base of small and medium enterprises (SMEs) seeking affordable and scalable phishing simulation solutions. Latin America and the Middle East & Africa are also emerging as promising markets, albeit at a relatively nascent stage, as organizations in these regions gradually

The phishing simulation market is experiencing robust growth, driven by the escalating sophistication of phishing attacks and the increasing regulatory pressure on organizations to enhance their cybersecurity posture. The market, currently valued at approximately $1.5 billion in 2025 (estimated based on typical market sizes for cybersecurity segments with similar growth rates), is projected to experience a Compound Annual Growth Rate (CAGR) of 15% from 2025 to 2033. This expansion is fueled by several key factors. Firstly, the rising frequency and success rate of phishing campaigns targeting both large enterprises and SMEs necessitate proactive security measures like simulation training. Secondly, evolving attack vectors and techniques demand continuous adaptation and improvement in security awareness programs, creating a sustained demand for advanced phishing simulation solutions. Thirdly, stringent data privacy regulations like GDPR and CCPA are imposing significant penalties for data breaches resulting from successful phishing attacks, motivating organizations to invest heavily in preventative measures including simulation-based training. The market segmentation reveals a significant share held by software-based solutions, owing to their scalability, ease of deployment, and cost-effectiveness. However, the service segment is also experiencing strong growth due to the increasing need for expert guidance and managed services in designing and implementing effective phishing simulation programs. Geographically, North America currently dominates the market, followed by Europe, reflecting the high level of cybersecurity awareness and regulatory compliance in these regions. However, the Asia-Pacific region is expected to exhibit the highest growth rate over the forecast period, driven by increasing digital adoption and rising awareness of cybersecurity threats in developing economies. While the market faces certain restraints, such as the need for specialized expertise and the potential for high implementation costs, the overall growth trajectory remains positive, driven by the overwhelming need to combat the ever-evolving threat landscape of phishing attacks.