How Spear Phishing Email Is Becoming a Growing Threat | eWeek

How Spear Phishing Email Is Becoming a Growing Threat

Barrcuda Spear Phishing
Mar 19, 2019
3 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Email security is top of mind for many organizations, with one of the primary threats coming from a type of attack known as spear phishing.

Phishing is a well-understood type of email threat where attackers send unsolicited email with some kind of hook to attract and trick a victim into clicking a link that can lead to a malware infection. While phishing in general is not targeted but instead is a broad-based attack, spear phishing is a very targeted attack, with attackers aiming the lure at specific individuals within organizations.

A new Barracuda Networks report released March 19, based on an evaluation of more than 360,000 spear phishing emails analyzed over a three-month period, provides new insight into how the attack works. In this eWEEK Data Points article, we look at some of the key findings and recommendations from the report.


Data Point No. 1: Sextortion blackmail scams are growing

In a sextortion scam, an attacker attempts to trick a spear phishing target with the threat of some kind of knowledge about potentially inappropriate behavior.

“A few months ago, this type of attack didn’t even exist, and now it is one of the most popular techniques, accounting for one in 10 of all spear-phishing emails,” Asaf Cidon, vice president of content security at Barracuda, told eWEEK. “The rapid increase indicates that this method is highly successful; otherwise, the attackers wouldn’t be spending so much time on it.”

Data Point No. 2: Tuesday is the most popular day

  • While spam and general phishing attacks can and do occur any day of the week, attackers in spear phishing campaigns generally focus on business users during the workweek. 
  • Barracuda found that peak spear phishing activity occurs Tuesday through Thursday, with Tuesday being the busiest day, accounting for 20 percent of all spear phishing email deliveries.

Data Point No. 3: Brand impersonation emails bypass traditional email security

  • Eighty-three percent of spear phishing emails impersonated a well-known brand, with 20 percent impersonating a financial institution.
  • According to Barracuda, the brand impersonation emails are able to bypass some traditional email security systems as they appear to originate from high-reputation senders. 

Data Point No. 4: Impersonating Microsoft is a common technique

  • The single most impersonated brand in spear phishing campaigns according to Barracuda is Microsoft, which accounted for 32 percent of emails. Not far behind is Apple at 21 percent.
  • By impersonating the well-known technology vendors, attackers aim to trick victims into giving up information and potentially enabling account takeover.

Data Point No. 5: “Request” is the top Business Email Compromise subject line

  • Business Email Compromise (BEC) is a form of spear phishing where an attacker attempts to trick a victim into paying a fraudulent invoice.
  • Barracuda found that the top subject line used in BEC spear phishing emails included the word “request,” which was in 36 percent of BEC email subject lines. The second most popular was “follow up” at 14 percent and then “Urgent/important” at 12 percent.

Data Point No. 6: Limiting the risk from spear phishing involves multiple technologies

There is no one technology approach that effectively blocks all types of spear phishing attacks.  

Rather than simply relying on traditional reputation-based approaches for email security, Barracuda recommends organizations consider the use of account-takeover protection, DMARC (Domain-based Message Authentication, Report and Conformance) authentication and awareness training.

Data Point No. 7: New attacks are coming

Given the success of spear phishing attacks, it’s likely that over the course of 2019 and beyond email attack vectors will change in different and unknown ways.

“It is very hard to anticipate, since attackers are always looking for creative ways to bypass security systems,” Cidon said. “I can definitely anticipate that we will see new types of unanticipated attacks.”

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.