Phishing and Wallet Drainer Incidents Statistics 2026: Hidden Threats Now

Phishing and wallet drainer attacks continue to rise sharply today, inflicting heavy financial losses and undermining trust in digital systems. Companies, governments, and individuals now face more sophisticated threats via email, SMS, social media, and even AI-generated content that trick users into giving up credentials or crypto assets.

For example, in the crypto space, scammers drained approximately $500 million via wallet drainer attacks. Meanwhile, phishing-related data breaches now average close to $4.88 million in cost per incident. These numbers show the urgency. Explore the full article to understand how these trends are evolving and what defenses are proving effective.

Editor’s Choice

• The average cost of a data breach involving phishing in 2025 is about $4.88 million.
• Business Email Compromise (BEC) scams caused $2.7 billion in losses in the U.S. in 2024.
• Credential theft incidents have surged by about 160% in 2025 versus earlier periods.
• Wallet drainer scams resulted in nearly $500 million in losses in 2024.
• Phishing emails now account for 36% of all data breaches.
• Organizations implementing security awareness training saw phishing susceptibility fall by over 40% in 90 days, and up to an 86% reduction in a year.
• Security vendors estimate that over 3 billion malicious emails, including spam, phishing, and malware, circulate daily, with phishing making up a significant proportion.

Recent Developments

• AI-powered phishing content is now used in a significant portion of attacks, for instance, 82.6% of phishing emails leveraging AI-generated content in 2025.
• Threat actors are using fake startup company identities with AI, gaming, and Web3 themes, and legitimate platforms like Notion and GitHub for project documentation to lend credibility.
• Malicious URLs are increasingly overtaking attachments as the primary method of delivery for phishing or malware threats.
• New campaigns are using “quishing” (QR code baiting), LLM-written pretexting, and more advanced social engineering to bypass traditional detection.
• Phishing simulation data: 67.7 million simulated phishing tests across 14.5 million users and 62,400 organizations.
• Credential theft is rising sharply, with compromised credentials making up about 20% of cases in 2025.
• Social media impersonation schemes (spoofed profiles, fake Web3 projects) remain a growing method for wallet drainer and phishing attacks.

Phishing Attack Volume and Frequency Statistics

• Approximately 73% of organizations globally have reported at least one successful phishing attempt in 2025.
• Phishing emails bypass standard security filters in nearly 47% of observed cases.
• The click-through rate for phishing emails that use urgency-based triggers has reached about 18% in 2025.

• The frequency of successful phishing attacks has increased year-over-year, in part due to AI weaponization driving more convincing lures.
• Organizations see measurable gains: training programs reduce click-rates and phish-prone percentages over time.
• Malicious URL threats are now counted in the billions over just half-year spans.
• Smishing and social media lures are rising in frequency alongside email attacks.

Financial and Economic Impact of Phishing Attacks

• The average phishing-related data breach now costs around $4.88 million.
• U.S. losses from BEC scams hit $2.7 billion in 2024.
• Customers lost $27.2 billion in 2024 due to identity fraud.
• Cyber scams cost Americans about $16 billion in 2024, a 33% increase from the previous year.
• Wallet drainer attacks accounted for about $500 million in losses in 2024.
• Industries suffer extra costs beyond direct loss, including remediation, reputational damage, regulatory fines, and customer turnover.
• Delay in breach detection and containment increases total costs, with many breaches still taking 200-300+ days to fully identify and contain.
• Small and mid-size companies often bear disproportionate losses relative to their security budgets.

Don't chase the news. Let us curate it.

You get one weekly briefing with only the stories that matter. If the market is quiet, we skip it.

Email address

Get the Weekly Briefing - it's free!

✅ Join readers from Visa, Vanguard, and the FDIC.

Phishing Victim Demographics and Susceptibility

• 21% of U.S. adults report having lost money in an online scam or attack.
• Younger adults (ages 18-29) are more likely (~25%) to report financial loss from scams than those 65+ (~15%).
• Black, Hispanic, and Asian adults are more likely than White adults to experience multiple types of online attacks and fraud.
• Households with lower incomes report more frequent multiple scam exposures.
• Among crypto wallet users, 35% fail to properly back up their secret recovery phrases, increasing susceptibility.
• Healthcare, insurance, and retail/wholesale sectors show higher employee susceptibility, with phish-prone percentages of 41.9%, 39.2%, and 36.5% respectively.
• Many victims are misled by impersonation of trusted brands or services with which they are already familiar.
• Demographic factors like age, occupation, and digital literacy correlate strongly with the likelihood of clicking or responding.

Methods and Tactics Used in Phishing Attacks

• 82.6% of phishing emails now leverage AI-generated content.
• Use of urgency or fear triggers in phishing emails has a CTR of about 18%.
• Quishing and LLM-assisted pretext emails show comparable effectiveness to traditional phishing.
• Malicious URLs are more commonly used than traditional attachments.
• Impersonation of trusted brands remains a top tactic, targeting apps and financial institutions.
• Social engineering via impersonated social media accounts or fake projects is common in wallet drainer campaigns.
• Attackers increasingly bypass MFA and exploit human error, with over 60% of breaches involving a human element.
• Credential theft incidents surged by about 160%.

Brand Impersonation in Phishing Incidents

• Over 50% of phishing scams in 2024 involved the impersonation of Microsoft.
• Threat actors clone logos, domains, and assets to fake legitimacy.
• More than 140 ghost stores impersonating retailers were uncovered in one study.
• 1.7 million unique malicious QR codes were tied to phishing or fraud in a six-month span.
• 33% of phishing attempts in 2025 target banks or similar institutions.
• Users are more likely to click when the impersonated brand is one they already use.
• Rogue apps mimicking banking or payment apps show a rising trend.
• Fake social media accounts impersonating brands distribute phishing links.

Data Breach Costs by Incident Type

• Malicious Insider breaches are the most expensive, averaging $4.92 million per incident.
• Supply-chain breaches closely follow at $4.91 million, reflecting the high risk of third-party vulnerabilities.
• Phishing attacks cost organizations about $4.80 million on average per breach.
• On-premises breaches remain the least costly but still significant, with an average of $4.01 million.

AI-Driven and Emerging Phishing Trends

• Only 0.7%–4.7% of malicious emails were clearly written entirely by AI.
• AI-enhanced phishing emails make up a large majority of spear-phishing content.
• Some threat intelligence platforms reported a 400%+ spike in voice phishing (vishing) incidents between early 2024 and mid-2025, particularly driven by AI voice cloning.
• AI-voice cloning is being used in executive impersonation fraud schemes.
• Synthetic chatbots and personas appear in 43% of AI-driven phishing campaigns.
• ~37% of large corporations reported deepfake voice impersonations in 2025.
• AI phishing kit values rose by about 61% in 2025.

Multi-Channel Phishing: Email, SMS, Social Media, and More

• 41% of phishing incidents involve multi-channel attacks beyond email.
• Social media platforms are used in approximately 30% of phishing-related incidents, though definitions and methods vary across studies.
• Smishing and phishing are becoming more common vectors.
• Voice-based phishing increased by 442% between halves of 2024.
• Slack, Teams, and collaboration tools are now used for phishing.
• Phishing campaigns extend into social media platforms.
• Email remains dominant, with ~40% of email threats being phishing attacks.
• Urgency language in emails yields high click rates of about 18%.

Industries Most Targeted by Phishing Attacks

• The global average number of phishing attacks per reported user is 1.40.
• Media production faces the highest risk with 2.91 attacks per user, more than double the global average.
• The government sector is also highly targeted, averaging 2.08 attacks per user.
• Manufacturing and construction industries report about 1.65 attacks per user.
• Financial services experience 1.41 attacks per user, slightly above the global average.
• Oil and energy industries face 1.28 attacks per user, below the global average but still significant.

Ransomware and Phishing Attack Correlation

• 92% of organizations observed at least one compromised business email, often leading to ransomware.
• Many ransomware attacks begin with phishing emails delivering malware or credentials.
• Generative AI has expanded the pool of phishing vectors that lead to ransomware.
• The average cost of ransomware per incident continues to rise.
• Double extortion tactics follow phishing or credential theft more often.
• Phishing emails with malware frequently precede ransomware attacks.
• Weak email filters significantly increase ransomware exposure.

Business Email Compromise (BEC) Statistics

• The average cost of a BEC attack is about $4.67 million.
• BEC attacks make up about 8.5% of all data breaches.
• Organizations report increasing sophistication in BEC emails.
• AI tools and social engineering are boosting success rates.
• Finance, legal, and real estate sectors are common targets.
• Smaller firms report higher proportional losses from BEC.

Credential Harvesting and Data Theft Incidents

• Credential theft surged 160% in 2025.
• Compromised credentials now account for about 20% of all breaches.
• Credential leaks from GitHub or code repos take about 94 days to be remediated.
• Urgency/authority-based phishing emails have higher click rates.
• AI-enhanced credential phishing kits are more effective and more available.
• Phishing-based data theft exposes large volumes of personal or financial info.
• Spear phishing sees higher success rates for credential harvesting.
• Leaked credentials often lead to downstream fraud or account takeovers.

Regional and Global Phishing Trends

• In Q1 2025, there were 1,003,924 phishing attacks, the highest since late 2023.
• Online payment and banking sectors made up 30.9% of attacks in Q1 2025.
• SaaS/Webmail was the most targeted industry at nearly 18% of attacks.
• Personal wallet compromises made up 23.35% of stolen fund activity in H1 2025.
• Eastern Europe, MENA, and Asia & Oceania showed the fastest year-over-year growth.
• The U.S., Germany, Russia, Canada, Japan, Indonesia, and South Korea were most affected.
• $51 billion flowed into illicit crypto wallets in 2024.
• Stablecoins accounted for 63% of illicit crypto laundering in 2024.

Wallet Drainer Attack Frequency and Losses

• Wallet drainer scams caused about $500 million in losses in 2024.
• In H1 2025, investors lost $3.1 billion, projected to hit $4.3+ billion by year-end.
• A large share of those losses came from phishing and wallet-draining incidents.
• The Bybit hack in February 2025 cost $1.5 billion.
• In 2024, $2.2 billion was stolen from crypto services.
• Social media-based wallet draining campaigns are increasing.
• Dark web discussions about drainer malware rose 135% between 2022 and 2024.

Top Crypto Wallets Targeted by Phishing and Drainers

• WalletConnect, Seaport, and the Coinbase protocol are frequently spoofed.
• Browser wallets and non-custodial wallets face higher risks.
• Hot wallets are more often compromised, while cold wallets suffer rare but major attacks.
• Address poisoning attacks targeted 17 million victims and caused $83.8 million in losses.

Social Engineering and Crypto-Related Phishing Scams

• Phishing and social engineering caused $594.1 million of the $3.1 billion stolen in H1 2025.
• Fake Web3 and AI startups are now common phishing lures.
• Smishing and phishing drive wallet-draining scams.
• Scam addresses pulled in $12 billion in 2024.
• Older investors, especially those over age 60, face disproportionate losses in crypto scams.

Recovery Rates and Law Enforcement Involvement

• $3.1 billion was lost to scams in H1 2025, projected $4.3+ billion by year-end.
• Industry recovery firms report success rates of 94%–98%, though some recover as little as 0.4%.
• Recovery rates from crypto and phishing scams vary widely, with most experts reporting that only 15–20% of victims recover any funds, though some specialized firms claim higher rates in select cases.
• Coordinated operations have frozen over $300 million in stolen assets.
• Microsoft seized nearly 340 websites tied to a phishing subscription service.
• Despite successes, full recovery remains rare in large hacks.

Frequently Asked Questions (FAQs)

Conclusion

Phishing and wallet drainer incidents today are neither isolated nor minor; they are sweeping in scale, expanding in sophistication, and causing escalating losses, especially in the crypto ecosystem. From regional upticks in attack volumes to wallet-draining techniques exploiting user trust, the threats demand sharper defenses. Despite some promising recovery efforts and law enforcement takedowns, many victims still recover little or none of what was stolen.

As you consider your organization’s or your personal security strategy, focus on prevention, vigilance, and trusted channels. Only by staying ahead of evolving tactics, fake protocols, impersonated dApps, and targeted social engineering can one mitigate risk.