Barracuda’s research uncovers new insights into the ways cybercriminals are targeting businesses with spear-phishing attacks

New report shows that small businesses are three times more likely to be targeted than larger organisations

Highlights:

• An average small business employee with less than 100 employees will experience 350% more social engineering attacks than an employee of a larger enterprise.

• Cybercriminals sent out 3 million messages from 12,000 compromised accounts.

• 1 in 5 organisations had an account compromised in 2021.

• Cybercriminals compromised approximately 500,000 Microsoft 365 accounts in 2021.

India, March 23, 2021 —  Barracuda, a trusted partner and leading provider of cloud-first security solutions, today released key findings of the ways spear-phishing attacks are evolving. The report, titled Spear Phishing: Top Threats and Trends Vol. 7 – Key findings on the latest social engineering tactics and the growing complexity of attacks, reveals fresh insights into recent trends in spear-phishing attacks and what you can do to protect your business.

Read the full report: https://www.barracuda.com/spearphishing-vol7

The report examines current trends in spear phishing, which businesses are most likely to be targeted, the new tricks attackers are using to sneak past victims’ defenses, and the number of accounts being compromised successfully. It also tackles the best practices and technology that organisations should be using to defend against these types of attacks.

An in-depth look at attack trends

Between January 2021 and December 2021, Barracuda researchers analysed millions of emails across thousands of businesses and identified some key takeaways:

• An average small business employee with less than 100 employees will experience 350% more social engineering attacks than an employee of a larger enterprise.

• 51% of social engineering attacks are phishing.

• Microsoft is the most impersonated brand, used in 57% of phishing attacks.

• 1 in 5 organisations had an account compromised in 2021.

• Cybercriminals compromised approximately 500,000 Microsoft 365 accounts in 2021.

• 1 in 3 malicious logins into compromised accounts came from Nigeria.

• Cybercriminals sent out 3 million messages from 12,000 compromised accounts.

Sharing his insights on the report, James Forbes-May, Vice President, APAC at Barracuda Networks, said, “Cybercriminals do not discriminate based on the size of an organisation to conduct attacks. However, small businesses are extremely vulnerable to spear-phishing attacks because they collectively have a substantial economic value and often lack security resources or expertise. This gives the malicious attackers better opportunities to take advantage. That’s why it’s important for businesses of all sizes to prioritise investments in security, both in terms of technology and user education. After all, the damage caused by a breach or a compromised account can be devastating to smaller businesses.”

Resources:

Download the full report: https://www.barracuda.com/spearphishing-vol7

Read the blog post: http://cuda.co/50710

Read Vol. 1 – Best practices to defeat evolving attacks: https://www.barracuda.com/spear-phishing-report

Read Vol. 2 – Email account takeover and defending against lateral phishing attacks: https://www.barracuda.com/spear-phishing-report-2

Read Vol. 3 – Defending against business email compromise attacks: https://www.barracuda.com/spear-phishing-report-3

Read Vol. 4 – Insights into attacker activity in compromised email accounts: https://www.barracuda.com/spear-phishing-report-4

Read Vol. 5 – Best practices to defend against evolving attacks: https://www.barracuda.com/spear-phishing-report-5

Read Vol. 6 – Insights into attackers’ evolving tactics and who they’re targeting: https://www.barracuda.com/spearphishing-vol6

Read the e-book: 13 Email Threat Types to Know About Right Now:  https://www.barracuda.com/13-threats-report

Share on Facebook

Tweet

Follow us

Save