Barracuda released key findings about the ways cybercriminals are attacking and exploiting email accounts. The report reveals a specialized economy emerging around email account takeover and takes an in-depth look at the threats organizations face and the types of defense strategies you need to have in place.
More than one-third of the hijacked accounts analyzed by researchers had attackers dwelling in the account for more than one week.
20% of compromised accounts appear in at least one online password data breach, which suggests that cybercriminals are exploiting credential reuse across employees’ personal and organization accounts.
In 31% of these compromises one set of attackers focuses on compromising accounts and then sells account access to another set of cybercriminals who focus on monetizing the hijacked accounts.
78% of attackers did not access any applications outside of email.