August 18, 2016 | Faculty Reports | Security Awareness, Phishing, Social Engineering | By Kevin Beaver, IANS Faculty
Some 32% of spear-phishing attacks spoofed the Microsoft brand, followed by Apple (21%) and DocuSign (8%). Nearly one in five attacks involve impersonation of a financial institution.
The word “request” is the most common term found in the subject lines of business email compromise (BEC) attacks (36 percent), followed by “follow up” (14 percent) and “urgent/important” (12 percent).
Brand impersonation is the most common type of spear-phishing attack, accounting for 83 percent. Blackmail spear-phishing attacks took second at 11 percent, while business email compromise occurred in 6 percent of cases.
Gmail accounts are most often used to launch business email compromise attacks (30%), followed by AOL accounts (11%) and rr.com domains (7%).