Social Engineering Statistics

26 STATS17 SOURCES

Social Engineering by Industry

Healthcare3Retail1Financial Services1

Latest Statistics

58% of internal audit leaders identify automated social engineering as a leading AI-enabled fraud threat.

The Internal Audit Foundation and AuditBoardInternal Audit and AI-Enabled Fraud·Feb 17, 2026
Automated Social EngineeringAI FraudInternal Audit

77% of organizations have been targeted by deepfake attacks.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026
DeepfakeSocial Engineering

51% of organizations have faced sophisticated, personalized phishing emails powered by deepfake technology.

Ivanti2026 State of Cybersecurity Report: Bridging the Divide·Feb 12, 2026
PhishingDeepfakeSocial Engineering

In Q4 2025, callback phishing increased from 3% to 18% of all phishing incidents, a 500% spike.

VIPRE Security GroupQ4 2025 Email Threat Trends Report·Feb 4, 2026
PhishingCallback PhishingEmail SecuritySocial Engineering

In 2025, 'ClickFix' social engineering techniques were used in 1% of phishing attacks.

BarracudaThreat Spotlight: How phishing kits evolved in 2025·Jan 7, 2026
PhishingPhishing TechniquesSocial EngineeringClickFix

63% of retailers plan to invest significantly in generative AI for social engineering attacks.

LevelBlueBuild Cyber Resilience for a Stronger Retail Future·Nov 12, 2025
RetailGen AISocial engineeringBudgetInvestment

65% of organizations expressed serious concern about IT help desk bypass and social engineering attacks as a top threat.

RSA2026 RSA ID IQ Report·Nov 11, 2025
IT help desk bypassSocial engineering

Nearly a third of leaders at financial services firms admit they are not fully confident employees could recognize an AI-driven phishing or social engineering threat.

Omega Systems2025 Financial Services Cyber Resilience Report ·Oct 15, 2025
Financial services AI-driven attackPhishingSocial engineering

64% of surveyed enterprises confirmed social engineering attacks via encrypted or informal channels in the past 12 months.

DuneCISOs on the Emerging Threats Redefining User Cyber Risk·Sep 4, 2025
EnterprisesSocial engineering

38% of organizations admit to being underprepared for AI-driven social engineering threats such as automated attacks, deepfake-based videos, and voice scams.

LevelBlueData Accelerator: Social Engineering and the Human Element ·Aug 27, 2025
AISocial engineeringDeepfakesVoice scams

AI-enhanced phishing and social engineering are the most concerning tactics (27%) for insider threats.

ExabeamFrom Human to Hybrid: How AI and the Analytics Gap Are Fueling Insider Risk·Aug 21, 2025
Insider threatAIPhishingSocial engineering

78% of security leaders identify social engineering and phishing as their top threat.

Gurucul2025 Pulse of the AI SOC Report·Aug 21, 2025
Social engineeringPhishing

Fake CAPTCHA social engineering attacks, particularly ClickFix campaigns, jumped 1,450% from the second half of 2024 to the first half of 2025.

LevelBlueLevelBlue Threat Trends Report, 2025, Edition Two·Jul 30, 2025
Social engineeringCAPTCHA

Social engineering attacks accounted for 39% of initial access incidents observed during the first half of 2025.

LevelBlueLevelBlue Threat Trends Report, 2025, Edition Two·Jul 30, 2025
Social engineering

51% of respondents consider AI-enhanced social engineering a fairly or extremely significant concern.

BitdefenderBitdefender 2025 Cybersecurity Assessment Report: Navigating the New Reality ·Jun 24, 2025
AISocial engineering

44.7% of respondents cited phishing/social engineering as a top concerning threat.

BitdefenderBitdefender 2025 Cybersecurity Assessment Report: Navigating the New Reality ·Jun 24, 2025
PhishingSocial engineering

44.7% of respondents cited phishing/social engineering as a top concerning threat.

BitdefenderBitdefender 2025 Cybersecurity Assessment Report: Navigating the New Reality ·Jun 24, 2025
PhishingSocial engineering

28% of healthcare executives say they are likely to invest in generative AI for social engineering attacks.

LevelBlue2025 LevelBlue Spotlight Report for Healthcare ·Jun 4, 2025
HealthcareAIGen AISocial engineering

Social engineering attacks (48%) and ransomware (34%) were the most common types of cyberattacks on healthcare organizations in the past year.

Omega Systems2025 Healthcare IT Landscape Report·Jun 4, 2025
HealthcareSocial engineeringRansomware

28% of healthcare executives say they are likely to invest in generative AI for social engineering attacks.

LevelBlue2025 LevelBlue Spotlight Report for Healthcare ·Jun 4, 2025
HealthcareAIGen AISocial engineering

56% of financial professionals cite social engineering as a significant tactic powered by AI.

Feedzai2025 AI Trends in Fraud and Financial Crime Prevention ·May 6, 2025
Financial servicesFinancial fraudSocial engineeringAI

Social Engineering was the second-most common incident pattern in the region, with phishing appearing in 19% of breaches in EMEA.

Verizon2025 Data Breach Investigations Report·Apr 23, 2025
Social engineeringPhishingEMEA

The FBI received 193,407 complaints about phishing/spoofing in 2024 (versus 298,878 in 2023 and 321,136 in 2022).

FBIInternet Crime Complaint Center Report·Apr 23, 2025
Social engineeringPhishingSpoofing

20% of phishing emails between September 15, 2024 and February 14, 2025 relied solely on social engineering.

KnowBe4Phishing Threat Trend Report·Mar 20, 2025
PhishingSocial engineering

In Q4 2024, HP threat researchers saw a growth in social engineering campaigns that rely on fake CAPTCHA challenges to infect users with malware

HP Wolf SecuritySecurity Threat Insights Report: March 2025·Mar 18, 2025
Social EngineeringFake CAPTCHAQ4 2024Malware

42% of organisations reported phishing and social engineering attacks in 2024.

World Economic ForumGlobal Cybersecurity Outlook 2025 ·Jan 1, 2025
PhishingSocial engineering