Cost of Phishing for Businesses

Share Now


We’re always talking about the cost of phishing for businesses, but why? Well, you might be surprised to learn that the true costs of phishing aren’t as obvious as you may suspect.

Phishing, of course, is not a new problem. It’s in fact a very old problem that has its roots 20 years ago when people used floppy disks and moved from computer to computer in the good old days of the “sneakernet.”

While phishing is not a new problem, it remains a very viable threat to many organizations – particularly financial institutions, e-commerce companies and government organizations. Rarely a day goes by without a significant attack being reported in the news.

Despite existing layers of security, such as education and training, IDS/IPS, web gateway/web filtering, takedown vendors, etc., there is still a high success rate. It has been estimated that one of every 200 phishing attacks is successful. The average cost of a phishing attack is $150,00 to the organization. That is a significant amount of money.

Now, what may surprise you is that the smallest portion of that cost is the actual fraud. Damage to the reputation and cost of remediation actually account for almost ⅔ of the cost of phishing. Phishing is incredibly costly, and worse, the problem is growing at an alarming rate.


We use our own and third-party cookies to enhance your experience by showing you relevant content, personalizing our communications with you, and remembering your preferences when you visit our website. We also use them to improve the overall performance of our site. You can learn more about the cookies and similar technology we use by viewing our privacy policy. By clicking ‘Accept,’ you acknowledge and consent to our use of all cookies on our website.

This site is registered on as a development site.