Business email compromise (BEC) attacks pack quite a punch, despite making up a comparatively small percentage of overall number of spear phishing attacks. According to a recent report from FBI’s Internet Crime Complaint Center, complaints filed between June 2016 and July 2019 about business email compromise had a total exposed dollar loss of more than $26 billion.
Barracuda researchers recently took a closer look at these highly targeted and costly attacks, uncovering the latest tactics used by cybercriminals and the steps you can take to help defend your business. They share their findings in the new report Spear Phishing: Top Threats and Trends Vol. 3 – Defending Against Business Email Compromise Attacks.
The report takes an in-depth look at how BEC attacks use impersonation, strategic targeting, careful timing, and social engineering to steal money or personally identifiable information. It also covers ways that organizations can use advanced detection techniques, security awareness training, and other solutions to successfully prevent these attacks.
Fresh insights on BEC attacks
Barracuda’s research reveals some interesting information about business email compromise and the tactics attackers are using to make their emails convincing and trick their victims. Highlights from the report include:
- 91 percent of BEC attacks take place on weekdays, with many being sent during typical business hours for the targeted organization to make them more convincing.
- The average BEC attack targets no more than six employees, and 94.5 percent of all attacks target less than 25 people.
- 85 percent of business email compromise attacks are urgent requests designed to get a fast response.
- Business email compromise attacks have high click-thru rates. One in 10 spear-phishing emails successfully tricks a user into clicking. That number triples for emails that impersonate someone from HR or IT.
- In the past 12 months, the average amount lost per organization due to spear-phishing attacks was $270,000.
Get your copy of Spear Phishing: Top Threats and Trends Vol. 3 – Defending Against Business Email Compromise Attacks now to see the full results for yourself and get expert advice on how to defend against these types of attacks. Staying informed and taking the proper precautions can help you keep your organization protected from BEC attacks.
Photo: Glenn Carstens-Peters / Unsplash.com.