Key Takeaways
- In 2023, “phishing” was the second-most common cybercrime type reported to the UK’s Action Fraud by victims (after fraud/billing scams)
- Attackers sent 3.4 billion phishing emails per day in 2023 (global estimate)
- Phishing is the #1 cause of data breaches for 60% of breaches reported in Verizon’s DBIR (in the ‘social engineering’ category)
- 54% of organizations in a 2023 survey reported using email security solutions with anti-phishing capabilities (Gartner Peer Insights / industry survey summary).
- 76% of organizations reported using some form of phishing simulation training for employees (2024 survey), reflecting widespread adoption of security awareness activities.
- 50% of organizations in a 2024 survey said they used MFA to mitigate phishing risks, meaning multi-factor authentication is commonly viewed as a control for email-based credential theft.
- In the 2024 Google Transparency Report, 99.99% of phishing attempts were blocked before reaching users across Google-managed infrastructure in the reported measurement period.
- In Google’s Safe Browsing / phishing protection reporting, 100% of phishing URLs detected by Safe Browsing are checked and blocked in supported contexts (blocking metric published by Google).
- $2.8 million is the estimated average cost of ransomware incidents where initial access used phishing in a 2023 analysis by Sophos (cost model using industry breach case studies).
- Phishing is responsible for 20% of cyber risk events that lead to incident response costs in IBM’s Cost of a Data Breach benchmark analysis (phishing-driven initial access segment).
- In 2023, reported ‘phishing’ losses in the UK Action Fraud platform were within the overall social engineering/fraud reporting categories totaling hundreds of millions of GBP (UK case records aggregated by the NCSC/UK reporting), showing large aggregate financial harm.
- 65% of organizations experienced a phishing attack at least once in the past 12 months (2023 survey), indicating phishing is highly prevalent across enterprises.
- Microsoft observed that email is responsible for the majority of malware delivered to users as part of phishing and social engineering campaigns (2023/2024 Microsoft Security research), showing delivery-channel concentration.
- RSA SecurID breach events reported by CISA involved phishing emails used to obtain initial access, quantifying phishing’s role in documented real-world intrusion cases.
Phishing remains the leading entry point for major breaches and fraud, costing billions globally despite widespread defenses.
Related reading
01 · Category
Prevalence10 stats
Prevalence Interpretation
02 · Category
User Adoption3 stats
User Adoption Interpretation
03 · Category
Performance Metrics2 stats
Performance Metrics Interpretation
More related reading
04 · Category
Cost Analysis4 stats
Cost Analysis Interpretation
05 · Category
Industry Trends2 stats
Industry Trends Interpretation
06 · Category
Case Studies1 stats
Case Studies Interpretation
Prevalence and impact of phishing
Phishing remains a leading cause of social-engineering breaches and continues to drive substantial losses, while many organizations adopt defenses like anti-phishing email controls, simulations, and MFA.
Cite This Report
This report is designed to be cited. We maintain stable URLs and versioned verification dates. Copy the format appropriate for your publication below.
Priya Chandrasekaran. (2026, February 13). Email Phishing Statistics. Gitnux. https://gitnux.org/email-phishing-statistics
Priya Chandrasekaran. "Email Phishing Statistics." Gitnux, 13 Feb 2026, https://gitnux.org/email-phishing-statistics.
Priya Chandrasekaran. 2026. "Email Phishing Statistics." Gitnux. https://gitnux.org/email-phishing-statistics.
Sources & references
22 datasets cited across this report · attribution is report-level
+6 additional datasets cited (not shown individually)

