New research by Barracuda sheds light on the evolving strategies used by cybercriminals in email-based spear-phishing attacks. The report distinguishes between three types of spear phishing: brand impersonation attacks, business email compromise (BEC) and extortion. Brand impersonation is the most popular strategy by far, accounting for 83% of attacks.
Extortion scams targeting employees are twice as common as BEC scams. Especially popular are sextortion scams, in which victims are told to pay a ransom to prevent the threat actor from releasing webcam footage they allegedly recorded of them visiting adult websites. These make up 10% of all spear-phishing attacks.
Read more: Latest tactics used by cybercriminals to bypass traditional email security