"A Third of Malicious Logins Originate in Nigeria"

A spear-phishing study by security company Barracuda has found that a third of malicious logins into compromised accounts in 2021 came from Nigeria.  The security researchers stated that a significant shift is underway as cybercriminals move from volumetric to targeted attacks and from malware to social engineering.  The researchers found that 51% of social engineering attacks were phishing.  Microsoft was the most impersonated brand, used in 57% of phishing attacks.  The researchers found that approximately 500,000 Microsoft 365 accounts were compromised by threat actors in 2021.  The researchers also found that one in five organizations had an account compromised in 2021, with employees at small enterprises more than three times more likely to be attacked.  An average employee of a business with fewer than 100 employees will receive 350% more social engineering attacks than someone employed at a larger company.  The researchers observed a significant increase in the popularity of conversation hijacking attacks, with the volume of attacks exploiting this vector increasing by 270% over the year. 

Infosecurity reports: "A Third of Malicious Logins Originate in Nigeria"