Email's threat dominance is structural: Verizon's DBIR attributes 94% of malware delivery to email, and with 347 billion messages a day — 45% of them spam — filtering can never be complete. Roughly 1 in 99 emails is a phishing attempt, and 30% of phishing emails get opened by their targets, so the attacker's funnel stays profitable at planetary scale.
Business email compromise is where the money concentrates. The FBI's IC3 recorded $2.4 billion in BEC losses in 2021, with a median loss of $125,000 per incident — these are not spray-and-pray scams but researched impersonations of executives and vendors. The defense that maps to the data: multi-factor authentication so a phished password isn't enough, and an out-of-band verification rule for any email that changes payment details, no matter how legitimate it looks.
Why This Data Matters
The cybersecurity landscape evolves rapidly. Each year brings new attack vectors, regulatory changes, and shifting threat patterns. By tracking these statistics, organizations and individuals can allocate security resources more effectively and anticipate emerging risks before they escalate.
Industry reports from organizations like the National Institute of Standards and Technology (NIST), CISA, and the Electronic Frontier Foundation (EFF) consistently highlight the growing sophistication of cyber threats and the critical importance of proactive defense measures.
How to Protect Yourself
The most effective step you can take today is using a VPN to encrypt your internet connection and hide your online activity from ISPs, advertisers, and potential attackers. Combined with strong passwords, two-factor authentication, and regular software updates, a VPN forms a critical layer of your personal security stack.
Google's Safety Center recommends encrypting your connection on public networks — exactly what GhostShield VPN provides with ChaCha20 encryption and no-logs policy.
Read our complete guide to online privacy →
Check if your IP address is exposed →
Methodology
All statistics are sourced from publicly available reports by reputable research organizations, government agencies, and industry analysts. Sources are cited alongside each statistic. We update this page regularly as new data becomes available. methodology page.