Staggering Phishing Statistics in 2020

Did you know that 22% of all data breaches in 2020 involved phishing attacks?

During the times of this global quarantine, an unprecedented number of people have started working from home and plan to do so for the foreseeable future. This widespread transition to a remote workplace has helped in controlling the spread of COVID-19. Contrarily, it has also provided cybercriminals with a plethora of new tactics for committing fraud and theft.

This year has been record-breaking in terms of cyber attacks. Adversely affecting numerous well-known organizations around the world, these attacks have resulted in the loss of millions of dollars at a global level. For this reason, it is becoming increasingly vital to identify these cyber risks and take suitable measures against them for keeping individual and corporate data safe.

Counted among the most widely used attack vectors among cybercriminals, phishing emails have become the most common way of gaining sensitive information and distributing malicious programs like ransomware. Usually, phishing attacks attempt to trick employees into giving up their corporate credentials, which can be used to hack the entire organization’s database and gain access to sensitive data.

The Shocking Phishing Statistics of 2020

Cybercriminals are going all out to exploit the vulnerabilities caused by this shift to remote work culture. These threat actors are ceaselessly launching phishing attacks on individuals and organizations alike to fill their own pockets. Here are some outrageous phishing stats showing the severity of the situation:

1. 97% of the users are unable to recognize a sophisticated phishing email.
2. 95% of all attacks targeting enterprise networks are caused by successful spear phishing.
3. Employees in the departments handling large-scale data have problems identifying phishing emails.
4. Only 3% of the users report phishing emails to the management.
5. A single spear phishing attack results in an average loss of $1.6 million.
6. 30% of phishing emails are opened by users, and 12% of these targeted users click on malicious links or attachments.
7. 85% of all organizations have been hit by a phishing attack at least once.
8. Smishing attacks are usually quite different and more problematic.
9. 81% of all mobile phishing attacks were launched outside of email.
10. The creation of around 1.5 million new phishing sites is witnessed every month.
11. The number of phishing emails that contain some form of ransomware rose to 97.25% in 2016.
12. 78% of users claim to be familiar with the risks of unsolicited links in emails. And yet, they click on the links anyway.
13. The global information security market is predicted to reach $170.4 billion in 2022.
14. 540 data breaches were reported in the USA in the first half of 2020.
15. Webmail services and Saas accounted for 34.7 % of all phishing attacks globally. 
16. 1 in every 8 employees shares information on a phishing site.
17. More than 60,000 phishing websites were reported in March 2020.
18. 96% of all targeted attacks are intended for intelligence gathering.
19.  71% of all sextortion victims are younger than 18 years of age.
20. Brand impersonation accounts for 81% of all spear phishing attacks.
21. 1 in every 2 organizations has been targeted by a ransomware attack in 2019 and data was successfully encrypted by the attackers in 73% of these attacks.
22. 1 in every 3 companies that suffered a ransomware attack paid the ransom and the average ransom demand is nearly $84,000.
23. 22% of all data breaches in 2020 involved phishing attacks.

How to Shield Your Organization Against Phishing Attacks?

The above-mentioned phishing stats clearly indicate that the rate of phishing attacks has drastically increased across almost every industry. No company or vertical is immune to these attacks, regardless of its size. So, it has become essential for all organizations to take certain preventive measures for avoiding the barrage of phishing emails.

Here are some effective cybersecurity tips to shield your organization against these attacks:

1. Educate your employees about the prevailing cyber-attack tactics and basic preventive practices they can adopt to prevent it. A cyber-aware workforce is the best defense against all kinds of phishing attacks. You can implement TSAT, a comprehensive cybersecurity awareness tool, to generate awareness amongst your employees. 
2. Instruct your employees to carefully double-check the sender’s email address and look out for any unusual date formats and language issues.
3. Avoid opening any emails or clicking on any links or attachments from unknown or suspicious senders.
4. Utilize a Phishing Incident Response Tool like TPIR and ask employees to report any unsolicited or suspicious-looking emails.
5. Implement standard email authentication protocols such as DMARC, DKIM, and SPF to secure your email domain against domain forgery.
6. Implement TDMARC to monitor all three of these email authentication protocols to complement the Simple Mail Transfer Protocol (SMTP).

Phishing attacks have spiked dramatically and are wreaking havoc all around the world. For this reason, it has become extremely important to take all the necessary precautions to keep your organization safe. So, keep these essential cybersecurity tips in mind and keep your employees and organization protected from the ever-evolving cyber threat landscape.

threatcop