Spear phishing has quickly become one of the hottest and most dangerous cyberattacks around the world. The numbers vary based on how costs are counted and crimes are categorized, but the IC3 reported that businesses suffered over $48 million in phishing-related losses in the year 2018 (pdf). The numbers are much higher when you consider that Business Email Compromise (BEC), corporate data breach, and other types of crimes that can be related to phishing attacks are categorized separately. The Anti-Phishing Working Group recently reported that phishing attacks on SaaS and webmail services doubled in Q4 of 2018, and the 2018 Verizon Data Breach Investigation Report (DBIR) states that an average of 4% of the targets in a phishing campaign will fall for the attack. According to the same report, the company has only 16 minutes until someone in that 4% will act on the scam. It will be another 12 minutes before someone reports the attack to the IT team. The numbers get really crazy when you bring mobile attacks into the mix. You can get details on these in the 2019 Verizon DBIR.
Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda. In this role, she helps bring Barracuda stories to life and facilitate communication between the public and Barracuda internal teams. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology credentials, a Bachelor of Arts, and a Master of Business Administration. She is a graduate of the University of Michigan.