Email, text, and call spam remain major threats nowadays. Nearly half of all daily emails are unwanted, with users worldwide encountering boosted volumes of phishing and scam content. In retail and financial services, spam disrupts customer trust and inflates cybersecurity budgets. Meanwhile, call-based scams cost consumers time and mental strain in real-world defense scenarios. Keep reading to explore the detailed statistics shaping this evolving landscape.

Editor’s Choice

Daily global email traffic is projected at 376.4 billion emails in 2025.
Spam makes up nearly 46.8% of email traffic as of December 2024.
Phishing emails account for approximately 1 in every 412 emails, while spam overall represents around 46.8% of global email traffic.
The U.S. sends 8 billion spam emails daily, more than any other country.
Americans receive an average of 9 spam calls per month, or 3.1 billion unwanted calls annually.
In Q1 2025, 12.5 billion suspected spam calls were flagged globally, about 137 million per day.
The average cost of a phishing breach in 2024 was $4.88 million.

Recent Developments

The global inbox now processes 376.4 billion emails per day in 2025, rising steadily year over year.
Spam share rose above 46.8% of email traffic by the end of 2024.
The incidence of phishing reached 1 in every 412 emails, reflecting intensified attack volume.
Simultaneously, legitimate daily email volumes continue upward, with 241 million emails sent per minute.
Spam call filters and regulations have curbed complaints, dropping spam call reports by over 50% since 2021.
Yet, users still lose 234 million collective hours answering spam calls in the U.S. between September 2024 and August 2025.
Researchers note ongoing adaptation by robocallers, who circumvent authentication standards like STIR/SHAKEN to persist.

Most Common Spam Email Topics

Prizes and giveaways lead with 36.7%, luring users with fake rewards.
Job opportunities make up 36.3% of spam, often targeting the unemployed or remote workers.
Banking-related spam hits 34.6%, aiming to trick users into giving up financial credentials.
Account update scams (like password resets) account for 28.7% of spam emails.
Software download prompts appear in 23.2% of spam, often delivering malware.
Online gambling spam makes up 21.1%, preying on addictive behavior.
Adult content spam appears in 19.0% of unwanted emails, often bypassing filters.
Cryptocurrency-themed spam represents 17.3%, exploiting market hype and FOMO.
Requests for money in exchange for benefits show up in 17.0% of spam, mimicking classic scam models.
Celebrity impersonation emails appear in 12.0% of spam, tricking users with fake endorsements.
Pharmaceutical spam covers 11.3%, pushing unverified or illegal products.
Romance-themed spam shows up in 10.0%, targeting emotionally vulnerable users.
Other miscellaneous spam topics make up the remaining 8.9%.

Global Spam Volume Statistics

The U.S. generates the most spam emails per day, 8 billion, with China close behind at 7.6–7.8 billion daily.
Germany and Russia each contribute around 7.3 billion spam emails daily.
Other top contributors include Singapore, Japan, and France at about 7.2 billion daily.
Daily global email traffic hits 376.4 billion, of which approximately 47% is spam.
In 2023, spam represented 45.6% of email traffic, increasing to over 46.8% by late 2024.
Phishing spam constitutes 1.2% of email traffic, representing about 4 billion phishing emails daily.

Country Comparison: Spam Origins

The United States leads daily spam email volume at around 8 billion.
China follows closely with 7.6–7.8 billion spam emails daily.
Germany and Russia each dispatch around 7.3 billion spam emails daily.
Singapore, Japan, and France each send about 7.2 billion spam emails per day.
China has the most spam‑emitting IP addresses (~771,021), with the U.S. second (~677,067).
CO₂ output from spam emails, the U.S. alone contributes 240 metric tonnes daily, and China 228 tonnes.
The top 10 countries combined contribute 2,184 tonnes of CO₂ daily via spam.

Most Targeted Industries and Sectors

The financial sector receives 45.8% of spam attacks, leading all industries in targeting volume.
E-commerce accounts for 27.3% of spam activity, making it the second most targeted sector.
SaaS companies face 12.5% of spam attempts, highlighting their visibility to attackers.

Emails in the dating industry endure a 14.97% spam rate, the highest across all sectors.
In contrast, home & garden, food & drink, and clothing suffer lower spam rates, around 10.6%.
Spam targeting WordPress sites is significant; 69% of platforms using WordPress are attacked, especially through form submissions.
The most spammed forms, sign-up forms (45%), contact forms (35%), and e-commerce forms (15%).

Demographic Trends in Spam Victims

Scam exposure rates are higher in U.S. ZIP codes with larger populations of racial groups and individuals without a high school diploma or GED.
People living in lower-income and rural areas are more likely to fall for scams, especially in states like Ohio, New Jersey, and Pennsylvania.
Despite having higher education levels, urban regions like San Jose, CA, and Miami Beach, FL also report above-average victimization rates.
Households with higher median incomes are less likely to be targeted but suffer greater financial losses when they do fall victim.
Older adults (ages 60+) continue to be disproportionately targeted, with phishing and tech support scams being especially common.
In 2025, the average loss per victim aged 65+ is 1.7x higher than that of younger adults, despite fewer overall reports.
Young adults (18–29) report fewer scams but are more likely to engage with spam links, particularly on social platforms.
Populations with limited digital literacy show higher vulnerability to fake job offers, government impersonation, and loan scams.
Scam susceptibility is also higher in regions with low broadband access, where users may lack exposure to anti-spam education or real-time alerts.

Breakdown of Spam Email Types by Category

Marketing and advertising emails dominate with 36%, often promoting fake products or services.
Adult content spam follows closely at 31.7%, frequently bypassing filters with provocative messaging.
Financial spam makes up 26.5%, typically involving fake banking alerts or loan offers.
Miscellaneous spam accounts for 3.3%, covering unrelated or hard-to-categorize topics.
Scams and fraud emails are at 2.5%, often seeking to steal money or sensitive data.

Most Prevalent Spam Attack Methods

Cybercriminals dispatch 3.4 billion phishing emails per day, making it the most widespread form of cybercrime.
Phishing remains the top attack vector for initial access in 2025.
There’s been a 1,265% surge in phishing emails due to AI-driven automation.
Business Email Compromise (BEC) scams alone caused $2.7 billion in U.S. losses in 2024.
Spear phishing dominates targeted attacks; 65% of attackers choose it as their primary method, and 71% of targeted attacks are spear phishing.
Education sector employees click phishing emails the most (27.6%), followed by finance (26.6%) and IT (25.6%).
Smishing (SMS phishing) is rising sharply, with a 2,534% increase, and URL-laden SMS scams make up over 55% of such threats.
QR code phishing exploded too, with 4.2 million threats observed in the first half of 2025.

Malware and Ransomware via Spam

236.7 million ransomware attacks occurred globally in the first half of 2024, marking a 40% year-over-year increase.
Malware incidents rose by 30% between 2023 and 2024, reversing a prior decline.
Ransomware victims in June 2025 numbered 463 globally, down 15% from May.
Notable ransomware actors include Qilin, Fog, and Anubis, exploiting unpatched systems and introducing file-wiping methods.
Remote Access Trojans (RATs) like Wincir are resurging via “scam-yourself” schemes where users unknowingly install malware.
URL-based threats now outnumber attachments, 3.7 billion URL threats reported over six months, though only 8.3 million delivered malware.
ClickFix malware (posited as tech issues) surged nearly 400%, and AI-generated phishing kits (e.g., CoGUI, Darcula) empowered low-skill attackers.

Most Common Channels for Receiving Spam

Emails are the top spam channel, affecting 49% of users globally.
Phone calls account for 26.5% of spam complaints, often linked to robocalls or scams.
Text messages represent 14.7% of spam delivery, including phishing and fake links.
Messaging apps like WhatsApp and Facebook Messenger carry 9.8% of reported spam.

Evasion Methods Used by Spammers

78% of malicious emails use two or more obfuscation techniques to bypass filters.
Techniques include deliberate spelling mistakes in SMS to evade detection.
Bayesian poisoning adds innocuous or random words to spam so filters misclassify it as legitimate.
Spammers also deploy hidden text salting, embedding benign text to fool detection systems.
Polymorphic URLs, dynamic IPs, and shortened links help spammers constantly change payloads and evade static filters.
Joe Jobs spoofed sender addresses to cloak origins and impersonate trusted contacts.
Referrer spam (ghost spam) uses fake analytics visits to drive traffic, manipulating site logs for SEO.
List poisoning floods a spammer’s email list with invalid or trap addresses, forcing extra resource use.

Losses Caused by Spam and Scams

In 2024, phishing scams led to $12.5 billion in losses, a 25% increase over the previous year.
Business Email Compromise (BEC) cost U.S. companies $2.7 billion in 2024.
The average phishing-related breach in 2024 cost organizations $4.88 million, up nearly 10% year-over-year.
A single whaling attack can cost a business up to $47 million.
Organizations with advanced AI and automation saved about $2.22 million on average in breach costs.
Global cybercrime damage is projected at $9.5 trillion in 2024.
In 2024, phishing was the top entry point for 36% of all data breaches, highlighting its central role.
60% of breaches involve a human error or lapse, underscoring the critical role of awareness.

Cost of Spam to Companies

Spam costs businesses about $20.5 billion per year in lost productivity.
The average employee loses 2 workdays per year due to sorting through spam.
That equates to about $1,934 in lost productivity per employee per year.
Spam comprises only 2.5% of email traffic, but 73% of that is identity theft–related.
Gmail blocks over 100 million spam emails per day, blocking 99.9% of spam, phishing, and malware.
Unknown malware threats surged by 46%, reaching 3.8 million new threats in 2022.
Spam forces companies to invest heavily in filtering infrastructure and training, costs not always reflected in direct budgets.

Technology and AI in Spam (Creation and Detection)

AI-driven phishing campaigns have shown exponential growth in 2024–2025, with some platforms reporting up to a 1,265% increase in detected AI-generated threats.
Autonomous AI attacks, such as hijacking chatbots, could become operational within months.
Automated scans, used for reconnaissance, rose 16.7% year-over-year, reaching 36,000 scans per second globally.
Over 1.7 billion stolen credentials now circulate on the dark web, enabling targeted attacks.
Large Language Model (LLM) spam detection systems like GPT‑2 and BERT are promising but vulnerable to adversarial attacks.
Spam filters like SpamAssassin misclassified up to 73.7% of LLM-modified spam as legitimate.
AdaPhish, an AI‑powered adaptive phishing detection tool, can anonymize and analyze threats in real time.

Anti‑Spam Measures and Effectiveness

Gmail’s systems block over 99.9% of spam, phishing, and malware before it reaches inboxes.
Employee distraction is now the leading cause of cyber incidents, cited by 43% of professionals, more than attack sophistication.
Organizations plan to increase cybersecurity budgets, 45% on email security, 37% on training, and 34% on cloud security.
Global cybersecurity spending is projected at $213 billion in 2025, up from $193 billion in 2024.
The use of AI for defensive technology, such as anomaly detection, is growing, though only 26% of organizations are currently investing in it.
NordVPN launched a spam call protection feature for Android, responding to a 33% spike in scam call losses in 2024.
Multi-factor authentication (MFA) remains a strong defense, but phishing continues to bypass it in many cases.

Future Trends in Spam and Cybersecurity

Security researchers warn that semi-autonomous AI tools are already being used in cyberattacks, and fully autonomous phishing and impersonation systems could become viable in the next 6–12 months.
AI impersonation scams (deepfake voice/video) are up 148% in 2025, often targeting executives for large-scale fraud.
Deepfake-enabled scams are on the rise, with reports suggesting over 100,000 incidents and up to $200 million in losses in the U.S. during early 2024, particularly targeting executives through voice fraud and synthetic media.
Fraud losses driven by Generative AI could quadruple by 2027, with annual growth exceeding 30%.
Cyber reconnaissance via automated scanning escalates rapidly, enabling faster attack cycles.
Spam filters must evolve; traditional Bayesian methods falter against LLM-modified attacks.
Defenders need AI-driven detection, phishing-resistant MFA, and continuous security awareness training to stay ahead.

Conclusion

Spam and phishing today are not just nuisances; they are powerful entry points for multi-million‑dollar fraud and cybercrime. Financial services, healthcare, and corporate sectors bear the brunt of these attacks, while advances in AI both enable sophisticated threats and offer new defensive tools. Human factors, such as distraction, pose ongoing risks even as technology evolves. The path forward lies in balancing automated detection, improved employee readiness, and structured investments in AI-enhanced security. As we approach a future where automated and deeply personal attacks become routine, vigilance and adaptive defenses will determine whether organizations can stay one step ahead.