Although a few years old, a survey from Gartner shows the cost of phishing attacks. The threat to business and consumers is substantial. Since the survey was completed, there has been no let up on the volume of social engineering attacks, including phishing. As RSA pointed out earlier this year there was a 59 percent increase in phishing attacks from 2011 to 2012. As such, the information provided by the Gartner study on phishing is still relevant. Below are some of the key facts from the study.
Credential theft and social engineering attacks are scaling rapidly. Discover the latest threats and how to strengthen your human firewall against modern phishing.
Explore the latest phishing threats, including MFA bypass kits, fake CAPTCHA malware, and AI-driven scams, and how organizations can reduce social engineering risk.
Social engineering is accelerating in 2026, with attackers shifting from malware to manipulating people through voice calls, phishing emails, and AI-powered deception. From enterprise vishing campaigns stealing SSO and MFA credentials to global cyberespionage operations and large-scale breaches triggered by a single employee interaction, trust exploitation remains the primary entry point. As emerging economies and cloud-driven organizations expand their digital footprint, identity deception, impersonation, and voice-based attacks are becoming dominant threats—proving that the human element is still the most targeted vulnerability in cybersecurity.
