Security Market Segment LS
Tuesday, 03 August 2021 12:08

Dramatic increase in email phishing attacks Featured

By Staff Writer
Don MacLennan, SVP, Engineering & Product Management, Email Protection, Barracuda Don MacLennan, SVP, Engineering & Product Management, Email Protection, Barracuda

Email mailboxes at thousands of organisations have been hit by more than 12 million spear phishing and social engineering attacks between May 2020 and June 2021, according to a new report on email security.

According to the report by cloud security and data protection solutions vendor Barracuda Networks the dramatic increase in spear phishing and social engineering attacks affected more than three million mailboxes at more than 17,000 organisations, with key results revealing that:

  • 1 in 10 social engineering attacks involve business email compromise (BEC)There has been a noticeable shift from volumetric to targeted attacks
  • 77% of BEC attacks target employees outside of financial and executive roles 
  • 1 in 5 BEC attacks target employees in sales roles
  • IT staffers receive an average of 40 targeted phishing attacks in a year
  • Phishing impersonation attacks made up 46% of all social engineering attacks in June 2020 and grew to 56% by May, 2021.

Barracuda says that the research - Spear Phishing: Top Threats and Trends Vol. 6 Insights into attackers’ evolving tactics and who they’re targeting - found that, while extortion attacks made up only 2% of the total during the past year, the number reported actually increased by 78% on the previous 12 months and estimated losses were more than US$70 million.

Barracuda says that phishing impersonation, where a criminal pretends to be a legitimate brand, continues to be a popular tactic.

During the 12 months covered by the research, Microsoft was used in 43% of phishing attacks and this was followed by WeTransfer (18%), DHL (8%) and Google (8%).

“BEC attacks continue to target a variety of key roles within organisations,” says Barracuda.

“These include sales staff who experienced 19% of attacks, finance (13%), managers, directors and VPs (12%), and project managers (10%).

Recent rises in the values of major cryptocurrencies has led to this becoming a favoured angle for cybercriminals.

“Bitcoin increased in value by almost 400% between October 2020 and April 2021, and during the same period cyberattacks using impersonation techniques grew by 192%.

“Crypto-related scam messages also tend to contain certain key terms, designed to instil a sense of urgency among intended victims. Common terms include ‘urgently today’, ‘nearest bitcoin machine’, and ‘day runs’.”

Barracuda says that with the threats posed by phishing attacks set to rise even further, organisations should be taking a range of protective measures, including:

  • Using artificial intelligence tools to spot suspicious attacks before they can be launched
  • Training staff about the types of threats in circulation and what they need to do to avoid becoming a victim
  • Reviewing internal policies and guidelines about how email messages are treated
  • Deploying account takeover protection as many attacks originate from compromised accounts

“Cybercriminals are getting sneakier about who they target with their attacks, often targeting employees outside the finance and executive teams, looking for a weak link in your organisation,” said Don MacLennan, SVP, Engineering & Product Management, Email Protection, Barracuda. 

“Targeting lower level employees offers them a way to get in the door and then work their way up to higher value targets. That’s why it’s important to make sure you have protection and training for all employees, not just focus on the ones you think are the most likely to be attacked.”

To read the full Barracuda report click here.

Subscribe to ITWIRE UPDATE Newsletter here


It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News