Menlo Security
All Statistics
57% of employees input sensitive data into free-tier AI tools.
73% of organisations in India reported implementing GenAI.
A staggering 155,005 copy attempts and 313,120 paste attempts were logged in a single month, demonstrating potential data exposure.
75% of organisations in China reported implementing GenAI.
There were 10.53 billion visits to AI sites recorded in January 2025.
Web traffic to GenAI sites increased by 50%, from 7 billion visits in February 2024 to 10.53 billion in January 2025.
80% of AI access happens via browsers.
68% of employees use free-tier AI tools like ChatGPT via personal accounts.
There is up to six days as the average window of exposure before legacy security tools begin blocking pages from zero-hour phishing attacks.
AWS and CloudFlare accounted for nearly 50% of all instances of abused cloud hosting instances in 2024.
Menlo Security identified nearly 600 incidents of GenAI fraud in 2024.
There has been a 130% increase in zero-hour phishing attacks in 2024.
Nearly 51% of browser-based phishing attempts involved some form of brand impersonation in 2024.
Cybercriminals created nearly 1 million new phishing sites each month in 2024. This represents a 700% increase since 2020.
75% of phishing links are hosted on good, trusted websites.
Four of the top five hosting providers used by bad actors to host phishing attacks were based in the U.S. in 2024.
Phishing attacks hosted on subdomain providers increased by 51% in 2024, representing 24% of all phishing attacks.
There has been a 140% increase in browser-based phishing attacks in 2024 compared to 2023.
One in five attacks in 2024 displayed some form of evasive technique designed to evade traditional network and endpoint-based security controls
Cybercriminals created nearly 1 million new phishing sites each month in 2024. This represents a 700% increase since 2020.