IT staffers receive an average of 40 targeted phishing attacks in a year

Barracuda released key findings about the way spear phishing attacks are evolving and who cybercriminals are targeting with these attacks. The report, titled Spear Phishing: Top Threats and Trends Vol. 6 – Insights into attackers’ evolving tactics and who they’re targeting, reveals fresh insights into recent trends in spear-phishing attacks and what you can do to protect your business.

The report examines current trends in spear phishing, which employees are being targeted the most by different attacks, and the new tricks attackers are using to sneak past victims’ defenses. It also tackles the best practices and technology that organizations should be using to defend against these types of attacks.

A closer look at attack trends

Between May 2020 and June 2021, Barracuda researchers analyzed more than 12 million spear phishing and social engineering attacks impacting more than 3 million mailboxes at over 17,000 organizations. Here are some of the key takeaways from their analysis:

• 1 in 10 social engineering attacks are business email compromises.
• 43% of phishing attacks impersonate Microsoft.
• An average organization is targeted by over 700 social engineering attacks each year.
• 77% of BEC attacks target employees outside of financial and executive roles.
• An average CEO will receive 57 targeted phishing attacks in a year.
• 1 in 5 BEC attacks target employees in sales roles.
• IT staffers receive an average of 40 targeted phishing attacks in a year.