13 Spear Phishing Stats to Build Your Case for Email Fraud Protection

Spear phishing is the biggest threat to enterprise security today. According to Verizon, the vast majority of data breaches begin with a targeted phishing campaign against an organization.

Traditionally, we have relied on people as the first line of defense against email fraud. But, as the numbers below show, that strategy just isn’t working. We must instead prioritize investment in technology solutions that block bad email before it reaches the inbox.

To garner support and to build a business case for this investment, you must communicate the size and scope of the spear phishing problem effectively across your organization. And nothing is more compelling than data.

Here are 13 spear phishing statistics you can use to make your case for email fraud protection:

  1. 97 percent of people around the world cannot identify a sophisticated phishing email. (Source: Intel)
  2. 30 percent of phishing messages get opened by targeted users and 12 percent of those users click on the malicious attachment or link. (Source: Verizon)
  3. Only three percent of targeted users report malicious emails to management. (Source: Verizon)
  4. 95 percent of all attacks on enterprise networks are the result of successful spear phishing. (Source: SANS Institute)
  5. Business Email Compromise (BEC) scams have cost companies over two billion in the past two years. (Source: FBI)
  6. By 2019, the cost of cybercrime and data breaches will rise to $2.1 trillion. (Source: Juniper Research 2016)
  7. In 2015, 736 million records were exposed due to a record-setting 3,930 data breaches. (Source: CSO online)
  8. After your company is breached, 60 percent of your customers will think about moving and 30 percent actually do. (Source: Aviva)
  9. The average cost of a data breach increased 15 percent in 2015 to $3.8 million. (Source: Ponemon)
  10. By 2020, more than 1.5 billion people (one-quarter of the world’s population) will be affected by data breaches. (Source: IDC)
  11. The cost incurred for each lost or stolen record containing sensitive and confidential information increased six percent in 2015, from $145 to $154. (Source: IBM)
  12. One-third of consumers said they would stop dealing with a business following a cyber-security breach, even if they do not suffer a material loss. (Source: Deloitte)
  13. Through 2020, email remains the primary targeting method of advanced attacks. (Source: Gartner)

Want to learn more about how to combat spear phishing attacks with the right technology at your company? Register for our webinar tomorrow, May 12, at 11am ET, “Spear Phishing: Fighting the Next Generation of Email Attacks.”

minute read

Popular stories



BriteVerify email verification ensures that an email address actually exists in real-time


The #1 global data quality tool used by thousands of Salesforce admins


Insights and deliverability guidance from the only all-in-one email marketing solution

GridBuddy Cloud

Transform how you interact with your data through the versatility of grids.

Return Path

World-class deliverability applications to optimize email marketing programs

Trust Assessments

A revolutionary new solution for assessing Salesforce data quality


Validity for Email

Increase inbox placement and maximize subscriber reach with clean and actionable data

Validity for Data Management

Simplify data management with solutions that improve data quality and increase CRM adoption

Validity for Sales Productivity

Give your sales team back hours per day with tools designed to increase productivity and mitigate pipeline risks in real-time