Barracuda: Average Company Hit with 700 Social Engineering Attacks Per Year

Barracuda released a new report in which it investigated instances of spear phishing attacks, noting that “all employees” – and not only top executives – need to be better prepared.

The company’s “Spear Phishing: Top Threats and Trends Vol. 6 – Insights” report examined the evolving techniques employed by attackers, as well as their most-common targets, noting that 10 percent of social engineering attacks relate to business email compromise, while 43 percent of phishing strikes are designed to impersonate Microsoft software.

Barracuda noted that the average organization is targeted in more than 700 social engineering attacks each year, amounting to nearly two per day, with most CEOs (57) and general IT staffers (40) targeted in phishing attempts over the same period.

At the same time, instances of business email compromise tended, 20 percent of the time, to target those in sales roles, likely due to increased accessibility of their contact information, while 77 percent of such attacks targeted those “outside of financial and executive roles.”

Respondents were surveyed during the 13-month period from May 2020-June 2021. Over this time, Barracuda investigated 12 million instances of spear phishing and social engineering attacks, as well as their impact on 17,000 organizations and three million email inboxes.