Key Takeaways
- BEC cases in 2023 involved phishing/compromised credentials as an enabling step in 62% of cases (IC3 incident narrative analysis figure)
- 47% of phishing victims report additional cleanup time for compromised accounts beyond initial incident response (measured in incident postmortem survey)
- $1.8 billion in reported phishing-related losses in 2022 in the IC3’s “phishing” category (explicit phishing fraud category)
- £1.0 billion+ in expected annual losses from phishing and other cyberenabled fraud in the UK (estimated by a national authority in a fraud review)
- 28% of people use the wrong verification method for secure login attempts (measured in a human factors study)
- 34% of users repeat the same error after initial training (measured retention failure in a study of phishing awareness training)
- In Phishbowl’s benchmark, 4.2% of users clicked on phishing simulation links on average (Phishbowl phishing benchmarks)
- In training programs, phishing susceptibility reduced by 40% on average after targeted interventions (measured in meta-analysis of phishing training studies)
- Security awareness programs improved report-click behavior by 29% after 3 months (measured change in user reporting in a peer-reviewed study)
- 84% of organizations with enforced DMARC policy had fewer spoofing messages reaching users (reported effectiveness measure in a government/industry email authentication study)
- 47% of organizations use a dedicated email security solution to filter phishing attempts (Egress Phishing Benchmark report 2024)
- In 2023, the US Federal Trade Commission reported that phishing was a common method reported in consumer fraud complaints, comprising millions of reports (FTC Consumer Sentinel dataset)
- In the Canadian anti-spam regulator’s reporting for 2023, phishing/scams were among the top categories of spam complaints, with millions of complaints recorded (Canadian CRTC spam reports)
- In ENISA’s threat landscape, phishing and social engineering are categorized under initial access tactics commonly observed in cyberattacks (ENISA report)
- At least 1 in 6 phishing emails contain an attachment (or link) that attempts credential theft by impersonating a legitimate brand (PhishLabs Credential Phishing research)
Phishing costs billions, compromises credentials, and users still click or repeat mistakes without smarter, reinforced defenses.
Related reading
01 · Category
Tactics And Vectors1 stats
Tactics And Vectors Interpretation
02 · Category
Financial Impact4 stats
Financial Impact Interpretation
03 · Category
User Behavior4 stats
User Behavior Interpretation
04 · Category
Mitigation Effectiveness5 stats
Mitigation Effectiveness Interpretation
More related reading
05 · Category
User Adoption1 stats
User Adoption Interpretation
06 · Category
Incidence & Impacts2 stats
Incidence & Impacts Interpretation
07 · Category
Phishing Landscape1 stats
Phishing Landscape Interpretation
08 · Category
Cost Analysis3 stats
Cost Analysis Interpretation
Cite This Report
This report is designed to be cited. We maintain stable URLs and versioned verification dates. Copy the format appropriate for your publication below.
David Kowalski. (2026, February 13). Phishing Statistics. Gitnux. https://gitnux.org/phishing-statistics
David Kowalski. "Phishing Statistics." Gitnux, 13 Feb 2026, https://gitnux.org/phishing-statistics.
David Kowalski. 2026. "Phishing Statistics." Gitnux. https://gitnux.org/phishing-statistics.
Sources & references
21 datasets cited across this report · attribution is report-level
+3 additional datasets cited (not shown individually)

