A spear-phishing study by security company Barracuda has found that a third of malicious logins into compromised accounts in 2021 came from Nigeria.
The finding was included in the Spear Phishing: Top Threats and Trends Vol. 7 – Key findings on the latest social engineering tactics and the growing complexity of attacks report, released by the company on Wednesday.
The report is based on Barracuda researchers’ analysis of “millions of emails across thousands of businesses” between January 2021 and December 2021.
Researchers observed: “A significant shift is underway as cyber-criminals move from volumetric to targeted attacks, from malware to social engineering, from operating as single hackers to forming organized criminal enterprises profiting from attacks that begin with a single phishing email.”
They found that 51% of social engineering attacks were phishing. Microsoft was the most impersonated brand, used in 57% of phishing attacks. Researchers found that approximately 500,000 Microsoft 365 accounts were compromised by threat actors in 2021.
One in five organizations had an account compromised in 2021, with employees at small enterprises more than three times more likely to be attacked. An average employee of a business with fewer than 100 employees will receive 350% more social engineering attacks than someone employed at a larger company.
A large increase in the popularity of conversation hijacking attacks was observed, with the volume of attacks exploiting this vector increasing by 270% over the year. Read more:https://bit.ly/3tqnXWc