Phishing Statistics By Types, Country and Age Group

Phishing Statistics: Phishing is a popular trick used by online criminals. They send harmful messages through emails, texts, and even phone calls. The idea is to make you click a bad link or download harmful software. It's the top cyber crime, affecting 83% of UK businesses that had a cyber attack in 2022. In 2021, about 323,972 people worldwide were tricked by phishing. This made up half of all victims of cyber crimes, despite Google blocking almost all phishing attempts. Each phishing attack cost the victim around $136 on average, leading to a whopping $44.2 million stolen by criminals in 2021. Most phishing happens through emails. For every 100 internet users, about 16.5 had their emails exposed in 2021. These stolen emails are sold on the internet's black market, where criminals buy them to use in their attacks. With 1 billion emails leaked, phishing remains a big threat. It's crucial for businesses, especially those in sensitive industries like finance and law, to protect themselves. A 2019 study found that spear phishing, a targeted form of phishing, was the main attack method for 65% of criminal groups, used mostly for collecting information. In 2022, the most common phishing emails included links to '.com' websites, making up 54% of the total. The next common was '.net', at just 8.9%. Top '.com' domain names involved were Adobe, Google, Myportfolio, Backblazeb2, and Weebly. Phishing can cause massive damage. For instance, a data breach affecting 10 million records can cost a business $50 million. If it impacts 50 million records, the cost could rise to $392 million. These days, as people struggle with high living costs, scammers are taking advantage. In the UK, they pretended to be Ofgem, the energy regulator, to get personal financial details. Ofgem responded by asking energy companies to warn customers about these scams on their websites. Editorâs Choice In 2022, phishing attacks doubled from the previous year, with more than 500 million incidents recorded. Email phishing scams in the U.S. saw a steep rise of 48% in 2022. Young adults, particularly Gen-Z and Millennials, were the primary victims of phishing attacks. By 2023, Nevada was the most affected U.S. state by phishing, while Kansas experienced the least phishing attacks. The District of Columbia saw 25 phishing victims per 10,000 residents, leading to a financial loss of $25,562. Arkansas suffered the highest financial loss due to phishing, with more than $80,000 lost per 10,000 residents. Phishing scams in Delaware spiked by 71% in 2022. Wisconsin recorded the largest number of phishing victims in the past two years, with a 38% increase. The U.S. Internet Crime Complaint Center (IC3) received 300,497 reports from phishing victims. Businesses in the U.S. faced over $2.7 billion in losses from email scams by the end of 2022. According to IC3, financial losses from phishing surpassed $10.3 billion in 2022, with 800,944 reports in the U.S. In an effort to decrease phishing, 84% of U.S. organizations started regular security awareness training for employees in 2023, significantly reducing phishing incidents. Phishing remains the top cybercrime, with a daily estimate of 3.4 billion spam emails. Stolen credentials are the leading cause of data breaches. Google manages to block about 100 million phishing emails each day. Almost half of all emails sent in 2022, 48%, were spam. Russia is responsible for more than a fifth of all phishing emails. Millennials and Gen-Z internet users are most likely to fall for phishing scams. In the UK, 83% of businesses that experienced a cyber attack in 2022 identified phishing as the attack method. Asian organizations reported phishing as the most common form of cyber attack in 2021. A data breach can cost an organization more than $4 million on average. A single whaling attack, a type of targeted phishing, can cost a business as much as $47 million.

钓鱼统计数据：钓鱼是网络犯罪分子常用的伎俩。他们通过电子邮件、短信甚至电话发送有害信息。其目的是诱使您点击恶意链接或下载有害软件。它是首要的网络安全犯罪，影响了2022年遭受网络攻击的英国83%的企业。2021年，全球约有323,972人被钓鱼诈骗。尽管谷歌阻止了几乎所有钓鱼尝试，但这仍占所有网络犯罪受害者的一半。每次钓鱼攻击平均给受害者造成约136美元的损失，导致2021年犯罪分子窃取了高达4.42亿美元。大多数钓鱼攻击是通过电子邮件进行的。在2021年，每100名互联网用户中，约有16.5人的电子邮件被曝光。这些被盗的电子邮件在互联网的黑色市场上被出售，犯罪分子购买它们用于攻击。随着10亿封电子邮件泄露，钓鱼仍然是一个巨大的威胁。对于企业来说，尤其是金融和法律等敏感行业的企业，保护自身至关重要。2019年的一项研究发现，鱼叉式钓鱼（一种针对特定目标的钓鱼方式）是65%的犯罪团伙的主要攻击手段，主要用于收集信息。2022年，最常见的钓鱼电子邮件包括指向'.com'网站的链接，占总数的54%。其次是'.net'，占8.9%。最常涉及的顶级'.com'域名包括Adobe、Google、Myportfolio、Backblazeb2和Weebly。钓鱼可能造成巨大的损害。例如，影响1000万条记录的数据泄露可能使企业损失5000万美元。如果影响5000万条记录，损失可能高达3.92亿美元。如今，随着人们应对高昂的生活成本，诈骗者趁机行事。在英国，他们假装是能源监管机构Ofgem，以获取个人财务信息。Ofgem对此做出回应，要求能源公司在其网站上提醒客户警惕这些诈骗。2022年，钓鱼攻击数量比前一年翻了一番，记录了超过50亿次事件。2022年，美国电子邮件钓鱼诈骗增长了48%。年轻成年人，尤其是Z世代和千禧一代，是钓鱼攻击的主要受害者。到2023年，内华达州是美国受钓鱼攻击影响最严重的州，而堪萨斯州遭受的钓鱼攻击最少。哥伦比亚特区每10,000名居民中有25名钓鱼受害者，导致经济损失25,562美元。阿肯色州因钓鱼而遭受的经济损失最高，每10,000名居民损失超过80,000美元。2022年，特拉华州的钓鱼诈骗增长了71%。威斯康星州在过去两年中记录了最多的钓鱼受害者，增长了38%。美国互联网犯罪投诉中心（IC3）收到了来自钓鱼受害者的300,497份报告。到2022年底，美国企业因电子邮件诈骗遭受了超过27亿美元的损失。根据IC3的数据，2022年因钓鱼造成的财务损失超过了103亿美元，美国共有800,944份报告。为了减少钓鱼攻击，2023年84%的美国组织开始对员工进行定期的安全意识培训，这显著减少了钓鱼事件。钓鱼仍然是头号网络安全犯罪，每天估计有34亿封垃圾邮件。被盗凭证是数据泄露的主要原因。谷歌设法每天阻止约1亿封钓鱼邮件。2022年，几乎所有发送的电子邮件中，大约48%都是垃圾邮件。俄罗斯负责发送所有钓鱼邮件的五分之一以上。千禧一代和Z世代互联网用户最有可能上当受骗。在英国，2022年遭受网络攻击的83%的企业将钓鱼识别为攻击手段。亚洲组织报告称，2021年钓鱼是最常见的网络攻击形式。一次数据泄露可能使组织平均损失超过400万美元。单一的大鲸鱼攻击（一种针对特定目标的钓鱼方式）可能使企业损失高达4700万美元。