Microsoft Most Impersonated in Phishing Attacks
April 4, 2022
report, titled Spear Phishing: Top Threats and Trends Vol. 7 – Key
findings on the latest social engineering tactics and the growing
complexity of attacks, reveals fresh insights into recent trends in
spear-phishing attacks and what you can do to protect your business.
The report examines current trends in spear phishing, which
businesses are most likely to be targeted, the new tricks attackers
are using to sneak past victims’ defenses, and the number of
accounts that are being compromised successfully. It also tackles
the best practices and technology that organizations should be using
to defend against these types of attacks.
An in-depth look at attack trends
Between January 2021 and December 2021, Barracuda researchers
analyzed millions of emails across thousands of businesses. Here are
some of the key takeaways from their analysis:
• An average employee of a small business with less than 100
employees will experience 350% more social engineering attacks than
an employee of a larger enterprise.
• Conversation hijacking grew almost 270% in 2021.
51% of social engineering attacks are phishing.
• Microsoft is the most impersonated brand, used in 57% of phishing
• 1 in 5 organizations had an account compromised in 2021.
• Cybercriminals compromised approximately 500,000 Microsoft 365
accounts in 2021.
• 1 in 3 malicious logins into compromised accounts came from
• Cybercriminals sent out 3 million messages from 12,000 compromised
“Small businesses often have fewer resources and lack security
expertise, which leaves them more vulnerable to spear-phishing
attacks, and cybercriminals are taking advantage,” said Don
MacLennan, SVP, Engineering & Product Management, Email Protection,
Barracuda. “That’s why it’s important for businesses of all sizes
not to overlook investing in security, both technology and user
education. The damage caused by a breach or a compromised account
can be even more costly.”