Spear-phishing report: Attackers’ evolving tactics and targets

As cybercriminals adjust who they’re targeting most, all employees, not just top executives, need to be prepared for spear-phishing attacks.

Between May 2020 and June 2021, Barracuda researchers analyzed more than 12 million spear phishing and social engineering attacks impacting more than 3 million mailboxes at over 17,000 organizations. They share the findings from their analysis in the new report Spear Phishing: Top Threats and Trends Vol. 6 – Insights into Attackers’ Evolving Tactics and Who They’re Targeting. This in-depth report takes a look at the current trends in spear phishing, which employees are being targeted the most by different attacks, and the new tricks attackers are using to sneak past victims’ defenses.

Get your free copy right now

A closer look at key findings

Barracuda’s research reveals key takeaways about how these attacks are evolving and how cybercriminals targeting new types of employees in an attempt to find an easier way into your organization.

• 1 in 10 social engineering attacks are business email compromise.


• 43% of phishing attacks impersonate Microsoft.


• An average organization is targeted by over 700 social engineering attacks each year.


• 77% of BEC attacks target employees outside of financial and executive roles.


• An average CEO will receive 57 targeted phishing attacks in a year.


• 1 in 5 BEC attacks target employees in sales roles.


• IT staffers receive an average of 40 targeted phishing attacks in a year.

Get your free copy of Spear Phishing: Top Threats and Trends Vol. 6 – Insights into Attackers’ Evolving Tactics and Who They’re Targeting now to see all the latest details, fresh insights on the current attack trends, and the best practices to help protect your business from spear-phishing attacks.

Get your free copy right now