As their speedy exploitation of fears around the COVID-19 pandemic show, cybercriminals adapt quickly to current events and new tactics.
Centrality’s partner, Barracuda, recently spent several months analyzing spear-phishing attacks looking for new patterns and tactics. They share their findings in the new report Spear Phishing: Top Threats and Trends Vol. 5 – Best Practices to Defend Against Evolving Attacks. This in-depth report takes a look at the evolving trends in spear phishing and the new ways attackers are tricking their victims.
Fresh insights on email attack trends
Barracuda’s research reveals key takeaways about how these targeted attacks are evolving and the approaches cybercriminals are using to maximize their impact.
- Business email compromise (BEC) makes up 12% of the spear-phishing attacks analyzed, an increase from just 7% in 2019.
- 72% of COVID-19-related attacks are scamming. In comparison, 36% of overall attacks are scamming. Attackers prefer to use COVID-19 in their less targeted scamming attacks that focus on fake cures and donations.
- 13% of all spear-phishing attacks come from internally compromised accounts, so organizations need to invest in protecting their internal email traffic as much as they do in protecting from external senders.
- 71% of spear-phishing attacks include malicious URLs, but only 30% of BEC attacks included a link. Hackers using BEC want to establish trust with their victim and expect a reply to their email, and the lack of a URL makes it harder to detect the attack.
Get your free copy of Spear Phishing: Top Threats and Trends Vol. 5 – Best Practices to Defend Against Evolving Attacks now to see all the revealing details, the latest tactics used by scammers and the best practices to defend against spear-phishing attacks. Get new analysis and insight to help protect your business from these targeted, sophisticated, evolving threats.