Many users aren’t aware of the cyber threats lurking on the Internet, partly because online security feels disembodied, like it doesn’t really have a practical use. Stories almost always focus on someone far away, like high ranking politicians, celebrities or big companies.

But cybercrime and malicious hackers also target regular people, like you and me. And they do so far more frequently than you’d think.

Using these numbers and brief explanations for each attack, we want to bring these cybersecurity hacking threats closer to you, to put them into perspective.

Phishing is the most common cyber security threat out there

Phishing is a cyber-attack where the malicious hacker sends a fake email with a link or attachment in order to trick the receiving user into clicking them. In most cases, either the link launches a malware infection, or the attachment itself is a malware file.

Due to their simplicity, these types of attacks have been popular since the dawn of email, and will most likely remain as such for the foreseeable future.

Here’s a comparison between a legitimate email sent from Delta Airlines and a phishing email we received as part of a security alert:

  • Legitimate Delta Airlines email

  • Phishing email

Things to notice:

  • Email sender address is wildly inaccurate.
  • The tone of the phishing email is urgent, in order to prompt you to click.
  • The email footer and signature don’t match the ones Delta Airlines uses.


Phishing statistics

For regular Internet users, the cost of a phishing attack can vary wildly. The simple ones might cost no money at all, just the lost time and frustration required to clean up your computer.

However, ransomware and spyware infections can drive up the costs into the hundreds, or even thousands of dollars. It all depends on what information the cybercrook infects or steals, think personal photos, work documents or financial data.

Companies however have a much harder time: $1.6 million is the cost of a phishing attack against big organizations with 10,000 employees.

You’d think that few people open phishing emails, much less click on their links, but you’d be very wrong. Many studies have pointed out that phishing emails have open and click rates that are either identical or HIGHER than legitimate emails.

According to a study by Verizon’s DBIR team, phishing emails are opened by 31% of users, while 12% of total users actually end up clicking the link. Those are huge figures, given that the average open/click rate of emails across all industries is 24% and 3%, respectively.

To make matters worse, almost 61% of all email traffic is spam. That’s 3 out of 5 emails.

Granted, not all of them are phishing emails, or even malicious emails. Some are simply spam mails, sent by companies who engage in unethical practices and rent or buy other email lists.

Even so, roughly 1 out of every 131 emails sent on in the Internet has a malware attachment. Keep in mind that this excludes emails that have a malicious link in them, since these are harder to find and track by Internet security measures.

Spear phishing and whaling attacks

Spear phishing is a more targeted version of a phishing attack. For instance, a spear-phishing attack specifically targets certain users, such as customers from a particular bank or users of an online shopping site. Since users are used to receiving such emails, they won’t be as suspicious and wary, and will be more likely to click the link.



Whaling is the hyper targeted version of phishing. Instead of canvassing a wide swath of Internet users, the cybercriminals focus only on one, very high value user, such as a CEO or high-ranking politician.


These sort of whaling attacks are surprisingly efficient. Even Google and Facebook ended up paying nearly $100 million to a fraudster claiming to represent an Asia producer of servers.

Be sure to check out our guide on how to detect and protect yourself against a phishing attack.

How these 4 frequent attack tactics break your online security

Data Leaks/breaches

For most users, major data leaks and breaches are of little concern. They feel safe knowing they are just 1 user out of millions or tens of millions of leaked identities.

“They couldn’t possibly target me out of all those people!”

In the cybersecurity field, this myth is called “safety through anonymity”, and it’s a major fallacy most people buy into.

Spammers rely on these leaks to accumulate emails lists for their spam operations. Phone numbers and addresses are also highly sought after for vishing and other phone scams.

But the most sought after information are credit/debit card details. For instance, a complete credit card record on the dark web costs around 30$ dollars.

Complete electronic healthcare records also command a hefty cost, ranging from 30$ to 50$ dollars per record.

These prices coupled with strong demand have provided incentives for malicious hackers to commit data breaches in order to obtain this information. In 2016 there was a record amount of data breaches: 4.2 billion records were leaked online.

Granted, many of these records were simply leaked emails, without the login password and other similar types of information.

One of the most troublesome aspects however is that many of these leaks could have been prevented by basic security measures, such as using strong and secure passwords. Around 63% of breaches took place because the passwords that secured the databases could be hacked by a simple brute force or dictionary attack.

Data breaches and leaks significantly damage the targeted companies as well. First off, there’s significant material damage to infrastructure and downtime. But the greater risk is brand damage and lost consumer trust.

This Ponemon study has found that 15% of consumers plan to discontinue a relationship with a hacked company, while another 13% of consumers would avoid doing business with them.

In spite of these extensive studies, the full picture on data breaches is incomplete, since many companies either choose not to disclose the breach, hoping to contain the damage internally or they might simply be unaware that a leak ever occurred.

If your company is unfortunate enough to go through a major leak, here’s an article you can go over to learn what you can do to better protect yourself next time.

data leaks and breaches statistics

Ransomware is the most dangerous type of cyber security threat

Around 18 million malware samples were discovered in 2016. That’s nearly 50,000 new malware every single day. But out of all the malware out there, ransomware has grown to become the biggest cyber threat.


Ransomware is usually delivered on a victim’s PC using phishing emails. The careless user first downloads the phishing email’s attachment and executes it. The ransomware then inserts commands into the Windows Registry so that it always boots up alongside the operating system.

Afterwards, the ransomware sets up a connection with the malicious hacker’s control server. The server then sends an encryption key to the ransomware. It is at this stage that the ransomware begins its encryption attack and locks up most, if not all, of the user’s data.

The following numbers taken from this comprehensive IBM study will really help to bring home the true scope of ransomware.

Users unlucky enough to get infected by ransomware should expect to pay anywhere between $500 to $10,000 dollars to recover their files. Unfortunately, 1 out of every 4 paying users don’t receive their decryption key. In effect, they lose both their money and their data.

But ransomware attackers prefer to target businesses and other organizations. Nearly 70% of them end up paying the ransom to recover business-critical data.

But it’s not just higher pay rates that are attractive, the sums are also much bigger. Nearly 50% of paying businesses forwarded between $10,000 to $40,000 dollars to recover their files.

Overall, only 42% of ransomware-infected victims were lucky enough to recover their entire data. The ones that did either had a complete backup or paid the ransom.

Our ransomware guide offers you 15 actionable tips on how to deal with a ransomware infection, and also how to prevent one.

ransomware damage statistics

Compromised web pages

Most of our experience on the web is carried out through web pages and browsers. Unsurprisingly, these are frequently targeted by malicious hackers and used as malware infection channels.

Nearly 76% of websites scanned by Symantec had some sort of security vulnerability, while 9% had a critical security vulnerability, which allow malicious hackers to run operations on an Internet users device without him knowing.

In an effort to fight back against these malicious websites, Google blacklists nearly 4 million per year from appearing in search results.

Browsers too are prime targets, with nearly 888 vulnerabilities found in 2016 alone. While not all of these vulnerabilities are severe, some of them allow the attacker to perform a buffer overflow or code injection. In the worst case scenario, these attacks allow a malicious hacker to obtain complete remote control of your PC.

Outdated software

Flash and Java are two other software programs with significant vulnerabilities. Adobe and Oracle do update these software frequently, but most people still use outdated software. Some 60% of users use outdated Flash software while 72% are on an old Java version.

The damage caused by these outdated software cannot be overstated. JavaScript in particular is frequently used as a delivery method for drive-by downloads and other malicious processes such as JavaScript malware.

In other cases, exploit kits target these software vulnerabilities. In a nutshell, an exploit kit is a malicious software installed on a website that scans a visitors software, such as browser or Flash version. If the visitors software is outdated and has known vulnerabilities, then the exploit kit will attack that particular vulnerability with specialized malware.

web and browser infections

Other cybersecurity threats

Fileless malware

This type of malware is different from other threats since it doesn’t actually drop malicious files on a computer. Instead, it inhabits certain critical functions of a computer such as the Windows Registry, the BIOS or the RAM (Random Access Memory).

Traditional antivirus programs have trouble detecting fileless malware since it resides on a deeper layer of the computer, which traditional antivirus programs are unable to access.

DDoS attacks

DDoS attacks involve the use of thousands of infected computers or other devices that repeatedly access a web page in order to overwhelm its infrastructure and bring it down.

The swarm of infected computers and devices is called a botnet. Each botnet is controlled by a Command & Control server, which directs its various activities.

DDoS attacks have always been a cybersecurity threat, but the Internet of Things has pushed it to new heights. New malware such as Mirai exploits weak passwords of smart devices such as smart TVs, fax machines and internet-connected refrigerators. These are then enslaved into the botnet and used to launch even more powerful attacks on pages and networks.


There are many more types of cyber threats out there, but these are the biggest, judging by industry-wide trends and concerns among cybersecurity experts. For each of these, we’ve attached relevant guides that can help you understand how they work, but most of all to help you protect yourself.

Share this Image On Your Site

Spend time with your family, not updating their apps!
Heimdal™ Free - Software Updater
Let Heimdal™ FREE Silently and automatically update software Close security gaps Works great with your favorite antivirus


Download Heimdal™ FREE

Ransomware Explained. What It Is and How It Works

Here’s How To Get Solid Browser Security

How Every Cyber Attack Works – A Full List


Leave a Reply

Your email address will not be published. Required fields are marked *