A recent study conducted by Barracuda Networks, a leading cloud security company, sheds light on the escalating threat of social engineering attacks targeting small businesses. Analyzing millions of emails across thousands of companies between January 2021 and December 2021, researchers uncovered a startling trend: employees of small businesses with fewer than 100 employees are subjected to a staggering 350% more social engineering attacks compared to their counterparts in larger enterprises.
Don MacLennan, Barracuda’s Senior Vice President of Engineering and Product Management for email protection, attributes this vulnerability to the resource constraints and lack of security expertise often found in small businesses. He emphasizes that cybercriminals are capitalizing on these weaknesses, particularly through spear-phishing attacks, to infiltrate small business networks and access sensitive information.
The report further reveals that cybercriminals are strategically targeting high-value accounts, with CEOs and CFOs being nearly twice as likely to have their accounts compromised compared to average employees. Once infiltrated, hackers exploit these executive-level accounts to gather intelligence or launch sophisticated attacks within the organization. Additionally, executive assistants are identified as prime targets due to their access to executive accounts and calendars, presenting cybercriminals with opportunities to impersonate executives and perpetrate further cybercrimes. As cyber threats continue to evolve, it is imperative for small businesses to prioritize cybersecurity measures and seek appropriate support to defend against these increasingly sophisticated attacks.
