Criminals are more likely to target smaller companies for social engineering attacks. This should be apparent from an investigation by security guard Barracuda.
In a report, the company states that an employee at an SME with fewer than 100 employees is on average 3.5 times more likely to be targeted by spear-phishing than an employee at larger organizations.
In spear phishing, criminals pretend to be someone from a well-known organization or a colleague to entice users to pass on information or download a malicious file. In 2021, according to Barracuda, gangs sent about three million messages through 12,000 compromised accounts.
The research is yet to show that the hijacking of e-mail conversations increased by about 270% last year. About half of those cases involved phishing—another striking fact: especially Microsoft accounts are counterfeited. The brand was imitated in 57% of the phishing attacks found. About half a million Microsoft 365 accounts were hacked last year.