<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1018517621595528&amp;ev=PageView&amp;noscript=1">
Stats & Trends
Jonathan Crowe
Jul 2016

Phishing by the Numbers: Must-Know Phishing Statistics 2016

Photo by Kim Carpenter

Phishing is now the #1 delivery vehicle for ransomware and other malware. See the numbers behind its rise.

While many of us tend to think of cyber criminals as mastermind hackers who perpetrate state-of-the-art attacks from behind the shadows of a hoodie, the truth is the majority are simple scam artists. They don't bother with coming up with sophisticated ways to break through complex security systems. Why bother going to all that trouble when you can simply trick an employee into giving up information or clicking a link?

To help you get a better sense of the danger phishing poses (and to help you explain the risk of phishing to your boss and your users), we've collected seven telling statistics.

Once you're done reading these, be sure to check out our latest eBook, The Phishing Field Guide: How to Keep Your Users Off the Hook. It's full of actionable advice you can use to improve your organization's security posture and keep your employees safe.

85 percent of organizations have suffered phishing attacks

wombat_phishing_stats.jpg

Wombat 2016 State of the Phish

According to Wombat Security’s 2016 State of the Phish report, not only are more organizations falling victim to phishing attacks, the number and sophistication level of the attacks they’re experiencing has gone up. Two-thirds of the organizations they studied reported experiencing attacks that were targeted and personalized (spear phishing attacks), up 22 percent from the year before. (Wombat Security)

30 percent of phishing emails get opened

Phishing_email_open_rate-1.png

Verizon 2016 DBIR

The sad thing is most marketers would kill for that open rate. The sadder thing is it explains why phishing continues to be so popular among attackers. It's a delivery tactic that works. Help your users avoid becoming phishing victims with these five tips. (Verizon 2016 DBIR)

#1 delivery vehicle for malware is email attachments

Top_5_malware_delivery_vehicles.png

Verizon 2016 DBIR

Considering the success rate of phishing, perhaps it's no surprise malicious email attachments and links are two of the top three malware delivery mechanisms of choice for attackers. That makes email filtering and user education both smart security investments. (Verizon 2016 DBIR)

250 percent surge in phishing detected in Q1 2016

APWG_phishing_stats.png

APWG Phishing Activity Trends Report

While it’s common to see a brief spike in phishing incidents around the holidays, researchers at the Anti-Phishing Working Group (APWG) were surprised to see this year’s spike grow into a sustained surge. The group observed more phishing attacks in Q1 2016 than in any other three-month span since it began tracking data in 2004. (SC Magazine)

9 out of 10 phishing emails carried ransomware in March

PhishMe_phishing_email_ransomware_stats.png

PhishMe Q1 2016 Malware Review

Anti-phishing vendor PhishMe reported a dramatic increase in the number of phishing emails deploying ransomware payloads over the course of Q1 2016. During March, 93% of the phishing emails they collected intended to infect victims with ransomware. (PhishMe)

$1.6 million: the average cost of a spear phishing attack

Spear_Phishing_Survey_Cloudmark.png

Cloudmark

Not only is spear phishing increasingly common, attacks are also proving to be incredibly costly. According to a recent Cloudmark survey, companies hit by a successful spear phishing attack in the past 12 months suffered an average financial cost of $1.6 million. (Cloudmark)

1 in 3 companies have been victims of CEO fraud emails

AlienVault_CEO_fraud_email_stats.png

AlienVault

Over a third of the respondents to a recent survey by AlienVault reported their executives have fallen victim to a CEO fraud email, and over 80 percent believed their executives could fall for targeted phishing scams in the future. Those concerns are well-founded. More than 50 organizations, including Snapchat and Care.com, were successfully targeted by CEO fraud emails asking for W-2 information this past tax season alone. (AlienVault)

Learn more how to keep your employees safe from phishing.

Sometimes the best way to stop phishers is to learn how to think like one. Download our Phishing Field Guide: How to Keep Your Users Off the Hook to find out who in your organization is most at-risk for getting phished and what you can do to stop them from taking the bait.

Jonathan Crowe

Jonathan Crowe

Jonathan writes about cybersecurity from a practical point of view. He has a strict whitelisting policy for filtering out jargon and only sharing tips and tools that actually work.

blocks-attack-grey-circle.svg

Close the gaps in your security

See how Barkly’s Runtime Malware Defense blocks attacks other solutions miss.

Find out how

Comments

Stay informed!

Get the latest security news, tips, and trends straight to your inbox.

Stay informed!

Get the latest security news, tips, and trends stright to your inbox.