Tessian provided statistics on the malicious emails detected by its Tessian Defender software set, over a 12 month period. Data was collected as part of Tessian’s “Spear Phishing Threat Landscape 2021” report.
The company – whose mission is to “secure the human layer by empowering people to do their best work, without security getting in their way” – noted that its application detected nearly two million dangerous messages, all of which it claims “slipped past Secure Email Gateways (SEGs) and native tools to land in employees’ inboxes.”
Some of the report’s findings included:
- Retail being the most frequently targeted industry, without a definitive preference as to size.
- Most phishing attacks occurring between 2PM and 6PM, with “very little fluctuation day-to-day.”
- An average of 14 malicious emails, per-year/employee, across all industries.
- Display name spoofing the most common impersonation tactic.
- Payloads most-often delivered via URL, rather than attachment.
- Keywords related to wire transfers more-frequently observed than credentials.
The full report is available for download.