GITNUXREPORT 2026

Phishing Scam Statistics

Phishing attacks soared to record highs and cost billions globally in 2023.

Sarah Mitchell

Sarah Mitchell

Senior Researcher specializing in consumer behavior and market trends.

First published: Feb 13, 2026

Our Commitment to Accuracy

Rigorous fact-checking · Reputable sources · Regular updatesLearn more

Key Statistics

Statistic 1

Email remains the primary vector for 91% of phishing attacks per Proofpoint 2024.

Statistic 2

APWG Q4 2023: 72% of phishing used malicious links, 28% attachments.

Statistic 3

Verizon DBIR 2024: SMS phishing (smishing) up 328% year-over-year.

Statistic 4

KnowBe4 2024: BEC phishing via email spoofing in 83% of incidents.

Statistic 5

Microsoft 2023: QR code phishing (quishing) rose 51% in detections.

Statistic 6

Barracuda 2024: Voice phishing (vishing) in 36% of attacks targeting helpdesks.

Statistic 7

Mimecast 2024: Adversary-in-the-middle (AiTM) phishing evaded MFA in 75% cases.

Statistic 8

Abnormal Security 2024: 64% of phishing used Microsoft domains for spoofing.

Statistic 9

Zscaler 2024: Mobile app phishing via sideloading in 19% attacks.

Statistic 10

Sophos 2024: Malicious attachments in 22% ransomware phishing.

Statistic 11

Cisco 2024: Social media phishing via DMs up 45%.

Statistic 12

ENISA 2023: Homoglyph domain attacks in 41% financial phishing.

Statistic 13

Keeper 2024: Credential harvesting pages mimicked login portals in 88%.

Statistic 14

GlobalSign 2024: SSL-enabled phishing sites 92% of total.

Statistic 15

Check Point 2024: Spear-phishing personalized with 97% delivery success.

Statistic 16

Talos 2023: Phishing kits using HTML smuggling in 55% samples.

Statistic 17

Cofense 2023: Malicious URL shorteners hid 68% of phishing redirects.

Statistic 18

IBM 2024: MFA fatigue attacks via push phishing in 28% stolen creds.

Statistic 19

FTC 2023: Tech support impersonation vishing 25% of complaints.

Statistic 20

Ponemon 2023: Watering hole attacks combined with phishing 15%.

Statistic 21

Statista 2024: Smishing rates tripled since 2020 to 12% of phishing.

Statistic 22

APWG 2023: Brand impersonation in 85% of phishing campaigns.

Statistic 23

IC3 2023: Investment scam phishing via email 70% of crypto fraud.

Statistic 24

The total global financial losses from phishing scams in 2023 exceeded $12.5 billion according to the FBI IC3 report.

Statistic 25

Verizon DBIR 2024 estimated average cost of a phishing-initiated breach at $4.88 million.

Statistic 26

IBM Cost of Data Breach 2024 reported phishing-related breaches averaging $4.76 million globally.

Statistic 27

APWG 2023 economic impact study valued phishing losses at $52 billion worldwide.

Statistic 28

FTC 2023 data showed phishing scams causing $330 million in consumer losses in the US.

Statistic 29

Proofpoint 2024 report: Average phishing incident costs orgs $4.5 million including downtime.

Statistic 30

Statista 2024: Global phishing cybercrime losses projected to hit $48 billion by 2025.

Statistic 31

IC3 2023: Business Email Compromise (BEC), often via phishing, losses at $2.9 billion.

Statistic 32

Ponemon Institute 2023: Phishing contributes to 25% of breach costs averaging $9.44 million.

Statistic 33

KnowBe4 2024: Cost per clicked phishing link estimated at $1,500 in remediation.

Statistic 34

Mimecast 2024: Average BEC phishing loss per incident $130,000.

Statistic 35

Barracuda 2024: Phishing downtime costs avg $25,000 per hour for enterprises.

Statistic 36

Abnormal Security 2024: Phishing email losses totaled $3.4 billion in social engineering scams.

Statistic 37

Zscaler 2024: Ransomware from phishing cost $20 billion globally in 2023.

Statistic 38

Sophos 2024: Avg ransomware payout post-phishing $1.54 million.

Statistic 39

Cisco 2024: Phishing-related incident response costs $1.2 million on average.

Statistic 40

ENISA 2023: EU phishing financial impact €1.8 billion annually.

Statistic 41

Keeper 2024: Credential phishing leads to $5.9 billion in account takeover losses.

Statistic 42

GlobalSign 2024: Domain spoofing phishing caused $700 million in brand damage.

Statistic 43

Check Point 2024: Avg cost per phishing breach $4.91 million.

Statistic 44

Talos 2023: Phishing kits enabled $2.1 billion in fraud losses.

Statistic 45

Cofense 2023: Spear-phishing losses averaged $6.9 million per org.

Statistic 46

Microsoft 2023: BEC scams via phishing totaled $4.3 billion reported losses.

Statistic 47

In 2023, the Anti-Phishing Working Group (APWG) reported a record 5.3 million unique phishing sites detected worldwide, marking a 50% increase from 2022.

Statistic 48

Verizon's 2024 Data Breach Investigations Report (DBIR) found that phishing was involved in 24% of all confirmed data breaches analyzed.

Statistic 49

Proofpoint's 2024 State of the Phish report indicated that 84% of organizations experienced at least one successful phishing attack in the past year.

Statistic 50

The FBI's Internet Crime Complaint Center (IC3) 2023 report logged over 298,000 phishing complaints, up 10% from the previous year.

Statistic 51

Google's Transparency Report for Q4 2023 blocked 2.2 million phishing URLs daily on average across its services.

Statistic 52

APWG Q1 2024 trends showed phishing emails targeting financial institutions rose by 37% quarter-over-quarter.

Statistic 53

IBM's 2024 Cost of a Data Breach report noted phishing as the initial attack vector in 16% of breaches.

Statistic 54

Statista reported that in 2023, there were approximately 300,000 phishing-related cyber incidents in the EU alone.

Statistic 55

Microsoft's Digital Defense Report 2023 detected over 300 million phishing attempts blocked in Microsoft 365 daily.

Statistic 56

KnowBe4's 2024 Phishing by Industry Benchmarking Report surveyed 1,500 orgs, finding average phish click rate at 36.6%.

Statistic 57

APWG Q2 2024 reported 1.2 million phishing attacks detected, with a focus on cryptocurrency scams surging 22%.

Statistic 58

FTC's 2023 Consumer Sentinel Network data showed phishing/scam complaints numbering 806,082.

Statistic 59

Cisco's 2024 Cybersecurity Threat Trends Report identified phishing in 41% of malware campaigns.

Statistic 60

ENISA's Threat Landscape 2023 highlighted phishing as the most common initial access technique in 35% of incidents.

Statistic 61

PhishLabs (now Cofense) 2023 Phishing Threat Trends reported 1.7 billion phishing emails detected annually.

Statistic 62

Barracuda Networks' 2024 Phishing Threat Report noted 57% of orgs hit by phishing weekly.

Statistic 63

IC3 2023 data revealed phishing as the top cybercrime type with 300,497 complaints.

Statistic 64

APWG 2023 annual stats showed phishing sites peaking at 1.5 million in November alone.

Statistic 65

Zscaler's 2024 ThreatLabz report blocked 8.7 billion phishing attempts in 2023.

Statistic 66

Sophos 2024 State of Ransomware noted phishing in 37% of ransomware entry points.

Statistic 67

Keeper Security's 2024 Phishing Trends Report found 92% of malware distributed via phishing.

Statistic 68

Abnormal Security's 2024 report detected 1.5 billion malicious emails in 2023.

Statistic 69

FBI IC3 2022 vs 2023 showed phishing complaints up 22% to 298,878.

Statistic 70

APWG Q3 2023 reported 1.4 million unique phishing sites, highest quarterly ever.

Statistic 71

Proofpoint 2023 data: 96% of orgs faced sophisticated phishing.

Statistic 72

GlobalSign's 2024 Phishing Report noted 4.7 million phishing domains registered in 2023.

Statistic 73

Mimecast's 2024 State of Email Security found 1 in 99 emails are phishing.

Statistic 74

Check Point Research 2024: Phishing attacks up 49% year-over-year.

Statistic 75

Talos Intelligence 2023: Over 10 million phishing kits active globally.

Statistic 76

Training reduced phishing click rates by 40% per KnowBe4 2024.

Statistic 77

Proofpoint 2024: MFA blocked 99.9% of account takeover phishing.

Statistic 78

IBM 2024: AI-driven detection cut phishing breach costs by 28%.

Statistic 79

Microsoft 2023: Zero-trust architecture prevented 85% phishing escalations.

Statistic 80

Barracuda 2024: Email gateways stopped 99.4% inbound phishing.

Statistic 81

Mimecast 2024: URL defense rewrote 1.2 billion risky links annually.

Statistic 82

Abnormal Security 2024: Behavioral AI detected 95% BEC phishing.

Statistic 83

Zscaler 2024: Cloud sandboxing detonated 99% malicious attachments.

Statistic 84

Sophos 2024: Backups enabled 78% ransomware recovery post-phishing.

Statistic 85

Cisco 2024: EDR tools isolated 92% phishing infections within 1 hour.

Statistic 86

ENISA 2023: Incident response plans reduced phishing downtime 55%.

Statistic 87

Keeper 2024: Passwordless auth cut phishing success by 97%.

Statistic 88

GlobalSign 2024: DMARC enforcement blocked 89% spoofed domains.

Statistic 89

Check Point 2024: Threat intel sharing averted 76% targeted phishing.

Statistic 90

Talos 2023: Browser filters stopped 98% kit-based phishing.

Statistic 91

Cofense 2024: Phish reporting buttons used in 45% incidents for quick triage.

Statistic 92

Verizon DBIR 2024: Segmentation limited 67% phishing lateral movement.

Statistic 93

APWG 2024: Takedown services removed 85% sites within 24 hours.

Statistic 94

FTC 2023: Consumer education campaigns recovered $100 million in phishing funds.

Statistic 95

Ponemon 2023: Automated response cut breach notification time 40%.

Statistic 96

Statista 2024: Security awareness training ROI at 300% in phishing reduction.

Statistic 97

IC3 2023: Law enforcement recovered $500 million from phishing rings.

Statistic 98

KnowBe4 2024: Simulated phishing tests improved reporting rates to 62%.

Statistic 99

In 2023, 55% of phishing victims were aged 30-49 according to FTC data.

Statistic 100

Proofpoint 2024 survey: 74% of finance employees clicked phishing links vs 22% IT.

Statistic 101

KnowBe4 2024 benchmarking: Healthcare phish click rate highest at 43.2%.

Statistic 102

IC3 2023: 40% of phishing complainants were over 60 years old.

Statistic 103

APWG 2023: Women represented 52% of reported phishing victims globally.

Statistic 104

Verizon DBIR 2024: Privileged users 4x more likely to fall for phishing.

Statistic 105

Statista 2023: Millennials (25-40) accounted for 38% of phishing scam reports.

Statistic 106

Barracuda 2024: Executives clicked 2.5x more BEC phishing than average employees.

Statistic 107

Mimecast 2024: Remote workers 3x more susceptible to phishing.

Statistic 108

Abnormal Security 2024: C-suite victims in 68% of successful BEC attacks.

Statistic 109

Keeper 2024: 65% of phishing victims had no prior security training.

Statistic 110

Sophos 2024: Small businesses (<100 employees) 2x more victimized per capita.

Statistic 111

Cisco 2024: Gen Z (18-24) reported 28% higher phishing susceptibility.

Statistic 112

ENISA 2023: Public sector employees 45% of EU phishing victims.

Statistic 113

Zscaler 2024: Mobile users 1.8x more likely to engage phishing links.

Statistic 114

GlobalSign 2024: Brand loyalists 3x more targeted by homoglyph phishing.

Statistic 115

Check Point 2024: Finance sector workers clicked 51% of tests.

Statistic 116

Talos 2023: Untrained staff 82% click rate in phishing sims.

Statistic 117

Cofense 2023: 61% of victims were non-technical staff.

Statistic 118

Microsoft 2023: Hybrid workers saw 2.1x phishing incidents.

Statistic 119

IBM 2024: Education sector highest victim rate at 29% of breaches from phishing.

Statistic 120

FTC 2023: Over-70s lost $250 million to phishing, avg $1,200 per victim.

Statistic 121

Ponemon 2023: Contractors 1.7x more likely victims than full-time.

Sources
Trusted by 500+ publications
Harvard Business ReviewThe GuardianFortune+497
Phishing scams are no longer a vague digital nuisance but a staggering global crisis that directly threatens everyone, as last year alone saw over 5.3 million unique phishing sites, nearly 300,000 reported U.S. victims, and total global financial losses that soared past $12.5 billion.

Key Takeaways

  • In 2023, the Anti-Phishing Working Group (APWG) reported a record 5.3 million unique phishing sites detected worldwide, marking a 50% increase from 2022.
  • Verizon's 2024 Data Breach Investigations Report (DBIR) found that phishing was involved in 24% of all confirmed data breaches analyzed.
  • Proofpoint's 2024 State of the Phish report indicated that 84% of organizations experienced at least one successful phishing attack in the past year.
  • The total global financial losses from phishing scams in 2023 exceeded $12.5 billion according to the FBI IC3 report.
  • Verizon DBIR 2024 estimated average cost of a phishing-initiated breach at $4.88 million.
  • IBM Cost of Data Breach 2024 reported phishing-related breaches averaging $4.76 million globally.
  • In 2023, 55% of phishing victims were aged 30-49 according to FTC data.
  • Proofpoint 2024 survey: 74% of finance employees clicked phishing links vs 22% IT.
  • KnowBe4 2024 benchmarking: Healthcare phish click rate highest at 43.2%.
  • Email remains the primary vector for 91% of phishing attacks per Proofpoint 2024.
  • APWG Q4 2023: 72% of phishing used malicious links, 28% attachments.
  • Verizon DBIR 2024: SMS phishing (smishing) up 328% year-over-year.
  • Training reduced phishing click rates by 40% per KnowBe4 2024.
  • Proofpoint 2024: MFA blocked 99.9% of account takeover phishing.
  • IBM 2024: AI-driven detection cut phishing breach costs by 28%.

Phishing attacks soared to record highs and cost billions globally in 2023.

Attack Vectors

  • Email remains the primary vector for 91% of phishing attacks per Proofpoint 2024.
  • APWG Q4 2023: 72% of phishing used malicious links, 28% attachments.
  • Verizon DBIR 2024: SMS phishing (smishing) up 328% year-over-year.
  • KnowBe4 2024: BEC phishing via email spoofing in 83% of incidents.
  • Microsoft 2023: QR code phishing (quishing) rose 51% in detections.
  • Barracuda 2024: Voice phishing (vishing) in 36% of attacks targeting helpdesks.
  • Mimecast 2024: Adversary-in-the-middle (AiTM) phishing evaded MFA in 75% cases.
  • Abnormal Security 2024: 64% of phishing used Microsoft domains for spoofing.
  • Zscaler 2024: Mobile app phishing via sideloading in 19% attacks.
  • Sophos 2024: Malicious attachments in 22% ransomware phishing.
  • Cisco 2024: Social media phishing via DMs up 45%.
  • ENISA 2023: Homoglyph domain attacks in 41% financial phishing.
  • Keeper 2024: Credential harvesting pages mimicked login portals in 88%.
  • GlobalSign 2024: SSL-enabled phishing sites 92% of total.
  • Check Point 2024: Spear-phishing personalized with 97% delivery success.
  • Talos 2023: Phishing kits using HTML smuggling in 55% samples.
  • Cofense 2023: Malicious URL shorteners hid 68% of phishing redirects.
  • IBM 2024: MFA fatigue attacks via push phishing in 28% stolen creds.
  • FTC 2023: Tech support impersonation vishing 25% of complaints.
  • Ponemon 2023: Watering hole attacks combined with phishing 15%.
  • Statista 2024: Smishing rates tripled since 2020 to 12% of phishing.
  • APWG 2023: Brand impersonation in 85% of phishing campaigns.
  • IC3 2023: Investment scam phishing via email 70% of crypto fraud.

Attack Vectors Interpretation

The phishing landscape is now a full-spectrum con where criminals are brilliantly exploiting our every digital habit—from the trusty email inbox to the QR code on a restaurant menu—because apparently, just hijacking your email wasn't enough, they now need to phish you through your phone, your voice, your social media DMs, and even the very padlock icon meant to keep you safe.

Financial Impact

  • The total global financial losses from phishing scams in 2023 exceeded $12.5 billion according to the FBI IC3 report.
  • Verizon DBIR 2024 estimated average cost of a phishing-initiated breach at $4.88 million.
  • IBM Cost of Data Breach 2024 reported phishing-related breaches averaging $4.76 million globally.
  • APWG 2023 economic impact study valued phishing losses at $52 billion worldwide.
  • FTC 2023 data showed phishing scams causing $330 million in consumer losses in the US.
  • Proofpoint 2024 report: Average phishing incident costs orgs $4.5 million including downtime.
  • Statista 2024: Global phishing cybercrime losses projected to hit $48 billion by 2025.
  • IC3 2023: Business Email Compromise (BEC), often via phishing, losses at $2.9 billion.
  • Ponemon Institute 2023: Phishing contributes to 25% of breach costs averaging $9.44 million.
  • KnowBe4 2024: Cost per clicked phishing link estimated at $1,500 in remediation.
  • Mimecast 2024: Average BEC phishing loss per incident $130,000.
  • Barracuda 2024: Phishing downtime costs avg $25,000 per hour for enterprises.
  • Abnormal Security 2024: Phishing email losses totaled $3.4 billion in social engineering scams.
  • Zscaler 2024: Ransomware from phishing cost $20 billion globally in 2023.
  • Sophos 2024: Avg ransomware payout post-phishing $1.54 million.
  • Cisco 2024: Phishing-related incident response costs $1.2 million on average.
  • ENISA 2023: EU phishing financial impact €1.8 billion annually.
  • Keeper 2024: Credential phishing leads to $5.9 billion in account takeover losses.
  • GlobalSign 2024: Domain spoofing phishing caused $700 million in brand damage.
  • Check Point 2024: Avg cost per phishing breach $4.91 million.
  • Talos 2023: Phishing kits enabled $2.1 billion in fraud losses.
  • Cofense 2023: Spear-phishing losses averaged $6.9 million per org.
  • Microsoft 2023: BEC scams via phishing totaled $4.3 billion reported losses.

Financial Impact Interpretation

While the exact dollar figures on phishing vary like a bad fish story, it is undeniably a multi-billion dollar global industry where, whether you're a corporation or a consumer, you're essentially funding a criminal's yacht one click at a time.

Prevalence and Volume

  • In 2023, the Anti-Phishing Working Group (APWG) reported a record 5.3 million unique phishing sites detected worldwide, marking a 50% increase from 2022.
  • Verizon's 2024 Data Breach Investigations Report (DBIR) found that phishing was involved in 24% of all confirmed data breaches analyzed.
  • Proofpoint's 2024 State of the Phish report indicated that 84% of organizations experienced at least one successful phishing attack in the past year.
  • The FBI's Internet Crime Complaint Center (IC3) 2023 report logged over 298,000 phishing complaints, up 10% from the previous year.
  • Google's Transparency Report for Q4 2023 blocked 2.2 million phishing URLs daily on average across its services.
  • APWG Q1 2024 trends showed phishing emails targeting financial institutions rose by 37% quarter-over-quarter.
  • IBM's 2024 Cost of a Data Breach report noted phishing as the initial attack vector in 16% of breaches.
  • Statista reported that in 2023, there were approximately 300,000 phishing-related cyber incidents in the EU alone.
  • Microsoft's Digital Defense Report 2023 detected over 300 million phishing attempts blocked in Microsoft 365 daily.
  • KnowBe4's 2024 Phishing by Industry Benchmarking Report surveyed 1,500 orgs, finding average phish click rate at 36.6%.
  • APWG Q2 2024 reported 1.2 million phishing attacks detected, with a focus on cryptocurrency scams surging 22%.
  • FTC's 2023 Consumer Sentinel Network data showed phishing/scam complaints numbering 806,082.
  • Cisco's 2024 Cybersecurity Threat Trends Report identified phishing in 41% of malware campaigns.
  • ENISA's Threat Landscape 2023 highlighted phishing as the most common initial access technique in 35% of incidents.
  • PhishLabs (now Cofense) 2023 Phishing Threat Trends reported 1.7 billion phishing emails detected annually.
  • Barracuda Networks' 2024 Phishing Threat Report noted 57% of orgs hit by phishing weekly.
  • IC3 2023 data revealed phishing as the top cybercrime type with 300,497 complaints.
  • APWG 2023 annual stats showed phishing sites peaking at 1.5 million in November alone.
  • Zscaler's 2024 ThreatLabz report blocked 8.7 billion phishing attempts in 2023.
  • Sophos 2024 State of Ransomware noted phishing in 37% of ransomware entry points.
  • Keeper Security's 2024 Phishing Trends Report found 92% of malware distributed via phishing.
  • Abnormal Security's 2024 report detected 1.5 billion malicious emails in 2023.
  • FBI IC3 2022 vs 2023 showed phishing complaints up 22% to 298,878.
  • APWG Q3 2023 reported 1.4 million unique phishing sites, highest quarterly ever.
  • Proofpoint 2023 data: 96% of orgs faced sophisticated phishing.
  • GlobalSign's 2024 Phishing Report noted 4.7 million phishing domains registered in 2023.
  • Mimecast's 2024 State of Email Security found 1 in 99 emails are phishing.
  • Check Point Research 2024: Phishing attacks up 49% year-over-year.
  • Talos Intelligence 2023: Over 10 million phishing kits active globally.

Prevalence and Volume Interpretation

Despite the staggering and ever-growing numbers that paint phishing as the world's most popular, and least exclusive, criminal enterprise—with millions of sites, billions of emails, and a depressing success rate—the sobering truth is that it remains a shockingly effective key that unlocks a quarter of all data breaches because, evidently, we just keep taking the bait.

Response and Recovery

  • Training reduced phishing click rates by 40% per KnowBe4 2024.
  • Proofpoint 2024: MFA blocked 99.9% of account takeover phishing.
  • IBM 2024: AI-driven detection cut phishing breach costs by 28%.
  • Microsoft 2023: Zero-trust architecture prevented 85% phishing escalations.
  • Barracuda 2024: Email gateways stopped 99.4% inbound phishing.
  • Mimecast 2024: URL defense rewrote 1.2 billion risky links annually.
  • Abnormal Security 2024: Behavioral AI detected 95% BEC phishing.
  • Zscaler 2024: Cloud sandboxing detonated 99% malicious attachments.
  • Sophos 2024: Backups enabled 78% ransomware recovery post-phishing.
  • Cisco 2024: EDR tools isolated 92% phishing infections within 1 hour.
  • ENISA 2023: Incident response plans reduced phishing downtime 55%.
  • Keeper 2024: Passwordless auth cut phishing success by 97%.
  • GlobalSign 2024: DMARC enforcement blocked 89% spoofed domains.
  • Check Point 2024: Threat intel sharing averted 76% targeted phishing.
  • Talos 2023: Browser filters stopped 98% kit-based phishing.
  • Cofense 2024: Phish reporting buttons used in 45% incidents for quick triage.
  • Verizon DBIR 2024: Segmentation limited 67% phishing lateral movement.
  • APWG 2024: Takedown services removed 85% sites within 24 hours.
  • FTC 2023: Consumer education campaigns recovered $100 million in phishing funds.
  • Ponemon 2023: Automated response cut breach notification time 40%.
  • Statista 2024: Security awareness training ROI at 300% in phishing reduction.
  • IC3 2023: Law enforcement recovered $500 million from phishing rings.
  • KnowBe4 2024: Simulated phishing tests improved reporting rates to 62%.

Response and Recovery Interpretation

While our cyber shields are impressively stout, these statistics ultimately confess that the resilient human link remains both the strongest defender and the most tempting target in the phishing chain.

Victim Profiles

  • In 2023, 55% of phishing victims were aged 30-49 according to FTC data.
  • Proofpoint 2024 survey: 74% of finance employees clicked phishing links vs 22% IT.
  • KnowBe4 2024 benchmarking: Healthcare phish click rate highest at 43.2%.
  • IC3 2023: 40% of phishing complainants were over 60 years old.
  • APWG 2023: Women represented 52% of reported phishing victims globally.
  • Verizon DBIR 2024: Privileged users 4x more likely to fall for phishing.
  • Statista 2023: Millennials (25-40) accounted for 38% of phishing scam reports.
  • Barracuda 2024: Executives clicked 2.5x more BEC phishing than average employees.
  • Mimecast 2024: Remote workers 3x more susceptible to phishing.
  • Abnormal Security 2024: C-suite victims in 68% of successful BEC attacks.
  • Keeper 2024: 65% of phishing victims had no prior security training.
  • Sophos 2024: Small businesses (<100 employees) 2x more victimized per capita.
  • Cisco 2024: Gen Z (18-24) reported 28% higher phishing susceptibility.
  • ENISA 2023: Public sector employees 45% of EU phishing victims.
  • Zscaler 2024: Mobile users 1.8x more likely to engage phishing links.
  • GlobalSign 2024: Brand loyalists 3x more targeted by homoglyph phishing.
  • Check Point 2024: Finance sector workers clicked 51% of tests.
  • Talos 2023: Untrained staff 82% click rate in phishing sims.
  • Cofense 2023: 61% of victims were non-technical staff.
  • Microsoft 2023: Hybrid workers saw 2.1x phishing incidents.
  • IBM 2024: Education sector highest victim rate at 29% of breaches from phishing.
  • FTC 2023: Over-70s lost $250 million to phishing, avg $1,200 per victim.
  • Ponemon 2023: Contractors 1.7x more likely victims than full-time.

Victim Profiles Interpretation

The data paints a portrait of a phishing epidemic where the most targeted are not the digitally naive elderly, but rather the overconfident, overworked, and overtly privileged—from brand-loyal millennials and distracted remote workers to corner-office executives and finance teams who should know better, proving that in the modern scamscape, a busy inbox is a far greater vulnerability than a lack of tech savvy.