London, 16th March 2022 – An average employee of a small business with less than 100 employees will experience 350 per cent more social engineering attacks than an employee of a larger enterprise, reveals new research from Barracuda Networks, a trusted partner and leading provider of cloud-first security solutions.
This amounts to an average of 17 email attacks per mailbox for small-business employees, compared to just five email attacks per inbox for employees of large firms with over 2,000 employers.
The report these findings were contained in, titled Spear Phishing: Top Threats and Trends Vol. 7 – Key findings on the latest social engineering tactics and the growing complexity of attacks, reveals fresh insights into recent trends in spear-phishing attacks, which businesses are most likely to be targeted, the new tricks attackers are using to sneak past victims’ defences, and the number of accounts that are being compromised successfully, using data from millions of emails across thousands of businesses between January 2021 and December 2021.
As well as the threat facing small business employees, the data also revealed that conversation hijacking attacks facing all organisations grew by 270 per cent, and phishing is still the most common form of social engineering attack, accounting for 51 per cent of them. Business Email Compromise attacks are also on the rise, and they now account for nine per cent of all social engineering attacks.
As a result of this growing threat, one in five organisations were observed to have had at least one account compromised by a cyber attacker during 2021.
Amidst the rising complexity of threats, cybercriminals are impersonating top well-known brands to formulate their attacks. It was found that Microsoft were used in 57 per cent of phishing attacks. And, cyber criminals compromised approximately 500,000 Microsoft 365 accounts over the year.
Other brands commonly used included Google, DHL and LinkedIn which can provide hackers with a wealth of sensitive personal data.
Furthermore, in total, Barracuda researchers observed that three million messages from 12,000 compromised accounts had been sent out over the course of 2021, and one in three malicious logins into compromised accounts originated from Nigeria.
Don MacLennan, SVP, Engineering & Product Management, Email Protection, Barracuda
“Small businesses often have fewer resources and lack security expertise, which leaves them more vulnerable to spear-phishing attacks, and cybercriminals are taking advantage.
“That’s why it’s important for businesses of all sizes not to overlook investing in security, both technology and user education. The damage caused by a breach or a compromised account can be even more costly.”
Jesse Pitts has been with the Global Banking & Finance Review since 2016, serving in various capacities, including Graphic Designer, Content Publisher, and Editorial Assistant. As the sole graphic designer for the company, Jesse plays a crucial role in shaping the visual identity of Global Banking & Finance Review. Additionally, Jesse manages the publishing of content across multiple platforms, including Global Banking & Finance Review, Asset Digest, Biz Dispatch, Blockchain Tribune, Business Express, Brands Journal, Companies Digest, Economy Standard, Entrepreneur Tribune, Finance Digest, Fintech Herald, Global Islamic Finance Magazine, International Releases, Online World News, Luxury Adviser, Palmbay Herald, Startup Observer, Technology Dispatch, Trading Herald, and Wealth Tribune.