As we take a deeper look at phishing across the OpenDNS network to better protect you and yours, we’ve uncovered some interesting patterns about the way Americans interact with phishing emails.

– The majority of clicks on known phishing links happen between 6 AM and 10 AM.

– The fewest clicks on known phishing links happen between 9 PM and midnight.

According to data from ConstantContact, a large email marketing company, the volume of email sent is highest between 10 AM and 2 PM. That means the volume of phishing emails in the morning might not be attributable only to the fact that phishing emails are being sent in the morning.

So what it is about the morning hours that’s got so many of us fooled? Perhaps we’re simply more susceptible, more easily fooled in the morning. Before we’ve had our coffee and gotten our day started. Perhaps it’s because morning is when we clean out our inboxes, looking over email that’s come in the night before.

Also interesting is that more clicks on phishing links happen in California than any other US state. The top five phish-clicking states are here, in order.

  • California
  • Texas
  • New York
  • Illinois
  • Florida
  • For context, this maps almost perfectly to state population. The only deviation is Illinois, which is actually the fifth largest state. So from this data one might conclude that we’re equally fool-able. Among the top five, no one state has a disproportionate number of phishing link clicks.

    OpenDNS has been active in the fight against phishing for several years. We operate the largest clearinghouse of phishing data on the Internet,, and provide the absolute best phishing protection around.

    While we advise the absolute best protection against phishing is avoiding clicking links unless you’re 100% certain they’re safe, unfortunately many of us are fooled. And for good reason. The methods through which we’re phished have become dramatically more sophisticated in recent years. Early phishes appeared to come only from banks and financial organizations, but today phishes spoof gaming companies like Zynga, e-commerce sites like Amazon, government organizations like the IRS. And increasingly more and more phishes are what are commonly described as “spear phishes,” where some known information about you, the recipient, is used in the scam.

    When you receive phony emails aiming to trick you from nearly every website and online service you use, using OpenDNS is more important now than ever.

    This post is categorized in: