Please fill in the form below to subscribe to our blog

What Were BullPhish ID’s Top Phishing Scams of 2020?

January 19, 2021
top phishing scams of 2020

The Top Phishing Scams of 2020 That People Fell for in Simulations is Eye-Opening


Phishing is the favored tool of cybercriminals because it’s an easy, effective launchpad for many types of cybercrime – over 80% of all cyberattacks are phishing based. From bad actors cleverly masquerading as government agencies to the usual email attachment cons, phishing is constantly threatening your business. So it pays to ask, what phishing lures are employees most likely to fall for? We’ve just compiled fresh statistics from BullPhish ID, our newly updated and upgraded phishing resistance training solution, to give you a snapshot of the top phishing scams of 2020 that users fell for in simulations.



BullPhish ID’s Top 3 Phishing Simulation Emails That Lured End Users to Click On Them in 2020


  • Fraud Warning: Suspicious Login Detected. – 11027 clicked
  • An unusual Google Chrome sign in detected – 7557 clicked
  • Email quarantine request for suspicious activity – 5978 clicked

BullPhish ID’s Top 3 Phishing Simulation Emails That Lured End Users in to Submit Data in 2020:


  • Fraud Warning: Suspicious Login Detected. – 1827
  • An unusual Google Chrome sign in detected – 1594
  • COVID-19 Mandatory Seminar – 846

Total Statistical Pool


Total number of phishing simulation emails sent in 2020 – 3,273,995

Total number of clicks on phishing simulation emails in 2020 – 267,976



It’s clear that while companies may think that they’re engaging in adequate phishing resistance training, they’re not, or they’re not keeping up with it – security awareness training needs to be updated at least quarterly for employees to retain it. Plus, it’s essential to make sure that your training includes realistic, thoughtfully designed content. As our data shows, staffers are most likely to be lured in by seemingly routine “system messages”, and that’s worrisome when just one click on a malicious message could unleash disaster.

You can improve the odds that your staff won’t be fooled by unexpected phishing lures by choosing a training solution that uses a wide variety of content that’s frequently updated. BullPhish ID exceeds that standard with more than 80 plug-and-play phishing simulation kits available right now including COVID-19 threats (Google’s biggest phishing topic in history). Content is available in 8 languages with 4 new kits added each month and engaging video lessons.



If you’re wondering what the secret to preventing your business from experiencing a cybersecurity disaster is, we’re happy to tell you: it’s security awareness training. Up to 70% of cybersecurity incidents can be prevented by regular cybersecurity awareness training that includes phishing resistance. Our freshly updated BullPhish ID makes that easy, with user-friendly training portals and simple remote management tools.

You don’t need to hire more security personnel when you maintain a strong cybersecurity culture that makes security awareness training a regular part of everyone’s routine – if everyone is made aware of the seriousness of cybersecurity threats and empowered to fight back against them, then everyone feels like they’re on your IT security team, giving you a stronger defense against threats like phishing.

Contact the experts at ID Agent today to learn more about the new features that we’ve just added to BullPhish ID and how they benefit your business.