Key Takeaways
- Vishing, a social engineering tactic, involves impersonation to extract sensitive info like passwords or financial data via phone calls mimicking authority figures
- Annual security awareness training reduces social engineering success by 70%, per Proofpoint 2023
- Average BEC social engineering scam costs $1.86 million per incident in 2023
- In 2023, social engineering accounted for 74% of all data breaches analyzed, primarily through phishing and pretexting tactics
- Millennials aged 24-39 comprise 40% of social engineering victims due to high social media usage
Social engineering succeeds most often by exploiting human trust, so strong verification habits are crucial.
Related reading
01 · Category
Attack Vectors and Techniques24 stats
Attack Vectors and Techniques Interpretation
02 · Category
Detection, Response, and Prevention25 stats
Detection, Response, and Prevention Interpretation
03 · Category
Economic and Operational Impacts25 stats
Economic and Operational Impacts Interpretation
More related reading
04 · Category
Prevalence and Frequency30 stats
Prevalence and Frequency Interpretation
05 · Category
Victim Profiles and Vulnerabilities23 stats
Victim Profiles and Vulnerabilities Interpretation
Cite This Report
This report is designed to be cited. We maintain stable URLs and versioned verification dates. Copy the format appropriate for your publication below.
Thomas Lindqvist. (2026, February 13). Social Engineering Statistics. Gitnux. https://gitnux.org/social-engineering-statistics
Thomas Lindqvist. "Social Engineering Statistics." Gitnux, 13 Feb 2026, https://gitnux.org/social-engineering-statistics.
Thomas Lindqvist. 2026. "Social Engineering Statistics." Gitnux. https://gitnux.org/social-engineering-statistics.
Sources & references
57 datasets cited across this report · attribution is report-level

