India Phishing Attacks Spear Barracuda Networks Organisations Breach
India receives the highest number of suspicious emails per day and 53 percent of Indian firms were victims of spear-phishing last year. One Indian firm receives five highly-personalized spear-phishing emails per day and users at companies with more than 50 percent remote workforce are witnessing higher levels of suspicious emails, says a new report.
Spear-phishing attacks comprise only 0.1 percent of all e-mail-based attacks, but they are responsible for 66 percent of all breaches. According to the 2023 Spear-Phishing Tends Report, on average 24 percent had at least one email account compromised through an account takeover.
On average, 24 percent of Indian organizations had at least one email account compromised through account takeover, according to a new report by IT security firm Barracuda Networks. On average, organizations take nearly 100 hours to identify, respond to, and remediate a post-delivery email threat.
Spear phishing is a highly-personalized form of email attack. Spear-phishing emails essentially work by trying to steal sensitive information, such as login credentials or financial information, which is then used to commit fraud, identity theft, and other crimes.
Meanwhile, Indian organizations take 67 hours to detect the attack and 53 hours to respond and remediate after the attack is detected.
“Even though spear phishing is low volume, with its targeted and social engineering tactics, the technique leads to a disproportionate number of successful breaches, and the impact of just one successful attack can be devastating,” Fleming Shi, CTO, of Barracuda, said in a statement.
About 63 percent of Indian respondents that experienced a spear-phishing attack reported machines infected with malware or viruses, 61 percent reported having stolen login credentials or account takeover and 56 percent reported having sensitive data stolen, the report noted.
Spear-phishing attacks make up only 0.1 percent of all email-based attacks, according to Barracuda data, but they are responsible for 66 percent of all breaches, the findings showed.
“Users at companies with more than a 50 percent remote workforce report higher levels of suspicious emails — 12 per day on average, compared to 9 per day for those with less than a 50 percent remote workforce,” the findings showed.
Overall, the research revealed that cybercriminals continue to barrage organizations with targeted email attacks, and many companies are struggling to keep up. While spear-phishing attacks are low-volume, they are widespread and highly successful compared to other types of email attacks.
“To help stay ahead of these highly effective attacks, businesses must invest in account takeover protection solutions with artificial intelligence capabilities,” added Fleming.