Microsoft the No. 1 Most-Spoofed Brand in Phishing Attacks

New Barracuda Networks data shows attackers sent some 3 million emails from around 12,000 pilfered accounts.

Dark Reading Staff, Dark Reading

March 16, 2022

1 Min Read
Dark Reading logo in a gray background | Dark Reading

Nearly 60% of all phishing attacks impersonate Microsoft and about half a million Microsoft 365 accounts were compromised in 2021, new data shows.

Barracuda Networks' telemetry — from from millions of emails it analyzed — shows that in 2021, a little over half of all social engineering attacks came via phishing, and Microsoft was the most-impersonated brand in those attack attempts. Overall, attackers sent 3 million emails from 12,000 compromised accounts, and one in five organizations suffered an account compromise last year.

It may seem counterintuitive, but an employee at a small business with less than 100 employees sees, on average, 350% more social engineering attacks than an employee at a larger organization, the report says. Large organizations get hit with more attacks due to their size, Barracuda says.

"For example, a business with over 2,000 employees will be targeted with over 5,000 social engineering email attacks every year. That number is a lot smaller for organizations with fewer employees," according to the report. "However, the picture is reversed when it comes to the volume of attacks per mailbox. The smaller the organization, the more likely their employees are to be targets for an attack" because they typically don't have security expertise or resources.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights