According to a report by cloud security and data protection vendor Barracuda Networks, the dramatic increase in spear phishing and social engineering attacks affected more than three million mailboxes at more than 17,000 organisations. Key results reveal that:
- 1 in 10 social engineering attacks involve business email compromise (BEC)
- There has been a noticeable shift from volumetric to targeted attacks
- 77% of BEC attacks target employees outside of financial and executive roles
- 1 in 5 BEC attacks target employees in sales roles
- IT staffers receive an average of 40 targeted phishing attacks in a year
- Phishing impersonation attacks made up 46% of all social engineering attacks in June 2020 and grew to 56% by May 2021.
Barracuda says that the research, Spear Phishing: Top Threats and Trends Vol. 6 – Insights into attackers’ evolving tactics and who they’re targeting, found that, while extortion attacks made up only 2% of the total during the past year, the number reported actually increased by 78% on the previous 12 months and estimated losses were more than US$70 million.
Barracuda says that phishing impersonation, where a criminal pretends to be a legitimate brand, continues to be a popular tactic.
During the 12 months covered by the research, Microsoft was used in 43% of phishing attacks and this was followed by WeTransfer (18%), DHL (8%) and Google (8%).
“BEC attacks continue to target a variety of key roles within organisations,” says Barracuda.
“These include sales staff who experienced 19% of attacks, finance (13%), managers, directors and VPs (12%), and project managers (10%).
Recent rises in the values of major cryptocurrencies have led to this becoming a favoured angle for cybercriminals.
“Bitcoin increased in value by almost 400% between October 2020 and April 2021, and during the same period cyberattacks using impersonation techniques grew by 192%.
“Crypto-related scam messages also tend to contain certain key terms, designed to instil a sense of urgency among intended victims. Common terms include ‘urgently today’, ‘nearest bitcoin machine’, and ‘day runs’.”
Barracuda says that with the threats posed by phishing attacks set to rise even further, organisations should be taking a range of protective measures, including:
- Using artificial intelligence tools to spot suspicious attacks before they can be launched
- Training staff about the types of threats in circulation and what they need to do to avoid becoming a victim
- Reviewing internal policies and guidelines about how email messages are treated
- Deploying account takeover protection as many attacks originate from compromised accounts
“Cybercriminals are getting sneakier about who they target with their attacks, often targeting employees outside the finance and executive teams, looking for a weak link in your organisation,” said Don MacLennan, SVP, Engineering & Product Management, Email Protection, Barracuda.
“Targeting lower-level employees offers them a way to get in the door and then work their way up to higher value targets. That’s why it’s important to make sure you have protection and training for all employees, not just focus on the ones you think are the most likely to be attacked.”