Updated · May 28, 2023
Phishing is a popular type of cybercrime on the internet. It affects consumers and industries from having proper cyber security systems on the internet. Phishers target victims who are naive and vulnerable to internet scams by sending malicious links and malware.
In 2022, around 3.4 billion phishing email spams will be sent daily. Causing data breaches, identity theft, and potential cyber-attacks. These can cause severe repercussions for businesses and regular internet users.
In this article, learn the current status of internet phishing statistics and everything you should know about it.
In 2021, 323,972 phishing incidents were recorded, and a data breach involving 10 million records costs $50 million. Financial loss is a significant issue for a business experiencing phishing attacks. Data breaches through phishing can result in losing 50 million records or $392 million.
To know more about phishing and its statistics, here are some essential data for 2023:
In the world of cybercrime, phishing emails are apparent due to their simplicity and easy access to information.
In 2022, 83% of business owners who were victims of online scams and attacks blamed it on phishing emails. In addition, about 1 billion phishing emails were sent and revealed, affecting 1 in every 5 internet users.
Here are statistics about phishing emails and their prevalent domains on the internet:
In 2022, the ‘.com’ domain was utilized in over half of phishing email links at around 54%, while the next most common domain is ‘.net’ at about 8.9%.
Scammers primarily use this domain to trick individuals into installing malware and keyloggers or disclosing personal information like:
Scammers can use this information for malicious intent, such as raking up credit card debt, identity theft, and performing fraudulent transactions online.
For Q2 2022, the most common domain names ending in ‘com’ are:
The danger of phishing is obvious - it causes data breaches or leaks. A data breach exposing 10 million records costs firms an average of $50 million. An attack compromising 50 million records can cost up to $392 million.
Phishers don’t select their victims; they target just about anyone. However, 1 out of 4 (28.1%) internet users aged 75 and above fall for phishing scams. Their main target for this is homeowners who have children.
To know more about the demographics, read below for more in-depth knowledge.
Phishing attacks that hack business email accounts are becoming more costly, and it is estimated that victims in the U.S. will lose more than $2.7 billion.
In addition, there was a considerable increase in cybercrime throughout the Asia-Pacific region, which included an uptick in phishing and zero-day attacks obliging businesses to concentrate on cybersecurity, establishing online privacy protections, and paying millions of dollars.
Phishing doesn’t only affect email accounts; it can also involve social media profiles. The reported attacks were a significant rise of 23.5% from 2021. With this, there is a growing need for individuals and businesses to take proactive steps to protect users and organizations.
According to recent data, romance scams cost Canadians $42.2 million. Investment scams are also frequent. The pandemic has worsened the situation accounting for almost 34% of Canadians receiving phishing emails in the first six months.
While identity theft rates in 2021 have decreased slightly from the previous year's high of 19.4 per 100,000 individuals, the current rate of 18.76% is significantly greater than the rates recorded between 2010 and 2019, which varied from 2.37% to 12.58% per 100,000 people.
Social engineering is also common in cyberattacks, accounting for 35% of breaches in the United States in 2021. In 2022, spam continued dominating global email traffic, accounting for 48.63% of all emails. However, the proportion of spam in international email traffic has decreased from 51.02% in Q1 to 46.16% in Q4.
However, only 7% of attacks were carried out using brute force. These results underline the necessity for Asian organizations to maintain vigilance and make significant security-related investments to guard against such attacks.
Phishing attacks are frequently a springboard for cyber scammers and frauds to initiate more severe security breaches damaging several companies. Damages vary from stolen data to ransomware.
To shed more light and understand the damages caused by phishing, read more below and understand the statistics better.
Whaling is a type of phishing where emails are targeted toward a specific individual or company. The Austrian airline company experienced a cyber fraud attack on a phishing email. FACC failed to recover from the attack, which led to huge losses of $24 million during the fiscal years 2015 and 2016.
The hackers claimed to have stolen up to 100 terabytes of company-sensitive data, including movies, emails, employee information, etc. Sony eventually paid an estimated $100 million to fix the hack, showing the terrible repercussions of cybersecurity breaches for huge organizations.
The attack on the Colonial Pipeline in 2021 was an occurrence that widely disrupted and anarchized the American east coast. A state of emergency was proclaimed in 18 states due to this cyber attack, which momentarily stopped fuel flow and caused panic buying of fuel.
While vulnerability exploitation remained the most common threat at 46%, phishing was not far behind and posed a considerable risk to companies and businesses. On the other hand, brute force attacks came in third place, accounting for only 12% of all reported attacks.
This is a relatively troubling trend, especially compared to the smaller percentages of vulnerability exploitation (29%) and extreme attacks (9%). Phishing can be challenging to detect and cause substantial harm to a company, making it critical to prioritize cybersecurity measures.
Followed by 29% of stolen important information and 18% of vulnerable exploitations, these statistics have emphasized the necessity of teaching employees about the hazards of phishing and the importance of cybersecurity and protection.
Current trends and advances may change the course of phishing activities based on the recent surge of different technologies and cybersecurity tactics. These trends will vary depending on device and method, such as cloud-storage attacks and hacks on smart devices.
Here are phishing predictions affecting cybersecurity in 2023:
As the world races to produce and spread a COVID-19 vaccine, it is understandable that some countries may steal knowledge from others to obtain a competitive advantage.
Most of these attacks targeted phase 3 testing vaccines with a success rate of 70%-90%. With this in mind, espionage and cyber warfare have become standard tactics.
More data breaches will occur in 2023 due to third-party access to data. They are especially vulnerable because of the lack of security around third-party access in the healthcare, educational, and manufacturing sectors if “least privilege” access isn’t implemented.
LNK and CHM downloaders, commonly used for shortcuts, will likely be employed in new TrickBot tactics in 2023. This implies TrickBot could be distributed through seemingly malicious files, making it more difficult for businesses to detect and prevent its invasion.
Given that TrickBot campaigns are expected to become more prevalent, businesses must remain vigilant and take preventive measures for cybersecurity.
Phishing attacks continue to pose severe risks to individuals and organizations worldwide, with cybercriminals employing a variety of domains and strategies to fool and defraud their victims.
Internet users and organizations should highlight the importance of vigilance in protecting personal and sensitive information - avoiding fraud and cyber crime entirely.
Individuals and companies must stay aware and take proper precautions to protect themselves from the ever-increasing threat of scams and phishing attempts as cybercrime evolves.
Usually, a fake email has distinct characteristics such as blank subjects, different email addresses, suspicious information, and the sender's location.
Change your password immediately. If you have given your bank information, blocking and freezing your account through your mobile app is best.
If you surrendered your phone number, tell your friends and family about the spam messages they might receive.
You can report phishing attacks through [email protected] to immediately get the help you need. Victims must report such instances to get appropriate assistance.
Scam emails are unsolicited emails, while phishing emails are criminals and scammers disguised as emails from legitimate sources.
Munni is also an ardent student of human-computer interfaces and user experience design. He makes the vital connections between technology and the end user. He always finds the ultimate way to tell the story of software, to highlight its strengths and weaknesses in an accessible way. He often contemplates the dynamic relationship between humanity and technology over a pint of lager, while enjoying some classy classical rock.
Latest from Author
Your email address will not be published.
Updated · May 28, 2023
Updated · May 28, 2023
Updated · May 27, 2023
Updated · May 27, 2023