2019 State of the Phish Report

2019 State of the Phish Report
Phishing continues to be the number one attack vector. Why? Because it works — all too well. Industries of every kind fall prey to these scams — from financial organizations to government contractors to healthcare firms. Today’s cybercriminals manage to evade even the most sophisticated security technology through carefully planned, socially engineered email attacks that are only getting more advanced. 

The fifth annual State of the Phish Report provides the data-driven intelligence you and your team need to manage end-user risk more effectively within your organization. In this report, our focus mirrors that of cyber attackers: people.

You will see data related to the following:

Tens of millions of simulated phishing emails
We compiled and analyzed data from tens of millions of simulated phishing emails sent to end users via our cloud-based Security Education Platform between October 2017 and September 2018.

16 industries
We compare and contrast activities and results from organizations and their employees across 16 industries.

Nearly 15,000 survey responses from InfoSec professionals
We sent quarterly surveys to our database of InfoSec professionals (customers and non-customers) throughout 2018. Their responses reveal the challenges they are facing, their views of the threat landscape, and the actions they’re taking to fend off phishing attacks.

7,000+ technology user insights
Our third-party survey of more than 7,000 working adults — 1,000 each in the US, UK, France, Germany, Italy, Australia, and Japan — reveals understanding of common social engineering terms and attack vectors. The results provide a global perspective on the awareness levels of the average end user.

Sponsored by Proofpoint.