Business Email Compromise Report

This morning, GreatHorn released its 2021 Business Email Compromise Report, which proved that spoofing attacks are en vogue – 71% were victims of a spoofed email account, and 69% experienced a spear-phishing attack. As for who’s most at-risk, the finance department has a target on its back – 34% said finance-related employees are the most frequent victims of spear-phishing attempts. This begs the question – should finance teams have different or additional cybersecurity training?

Other highlights include:

  • PII is the jackpot: nearly 50% of all attacks result from the spoofing of an individual’s identity in the display name. Cybercriminals are also using company names (68%), names of individual targets (66%), and the name of boss/managers (53%) to conduct their attacks.
  • Email is still the channel of choice: 1 out of 4 organizations say 76-100% of malware they detect is delivered to inboxes, and almost 30% say that more than half of links received via email lead to a malicious site
  • Cybercrime isn’t taking any days off: 65% of IT security pros say their organization has experienced spear phishing in 2021, while over half (51%) say it has increased in the last 12 months.
  • Finally, some good news: 69% say that their organization is prepared to handle a cyberattack, and 71% believe their employees are prepared to identify a malicious email.