Barracuda has released a report detailing key findings about business email compromise attacks.
The latest report, titled “Spear Phishing: Top Threats and Trends Vol. 3 – Defending against business email compromise attacks,” reveals new details about these highly targeted threats, including the latest tactics used by cybercriminals and the steps you can take to help defend your business.
The report takes a detailed look at how crafty spear-phishing attacks use convincing impersonation, strategic targeting, careful timing, and social engineering to steal money or personally identifiable information.
It also tackles how organizations can use advanced detection techniques, security awareness training, and other strategies and solutions to successfully prevent these costly and damaging attacks.
Barracuda’s research reveals insights into how these targeted attacks are impacting businesses and the approaches cybercriminals are using to try to make them more persuasive.
Key findings include:
- 91 percent of BEC attacks take place on weekdays, with many being sent during typical business hours for the targeted organization to make them more convincing.
- The average BEC attack targets no more than six employees, and 94.5 percent of all attacks target less than 25 people.
- 85 percent of business email compromise attacks are urgent requests designed to get a fast response.
- Business email compromise attacks have high click-thru rates. One in 10 spear-phishing emails successfully tricks a user into clicking. That number triples for emails that impersonate someone from HR or IT.
- In the past 12 months, the average amount lost per organization due to spear-phishing attacks was $270,000.
To access the report, click here.