PhishLabs said the number of organizations targeted with BEC attacks grew tremendously in 2015 as attackers refined their techniques and sought new victims. In all, 22 percent of Spear Phishing attacks the company analyzed in 2015 were motivated by financial fraud or related crimes.
“BEC attacks target smaller more nimble organizations, where exceptions to standard accounting processes are more likely to be made based on personal requests from members of the executive team. Analysis of attack indicators shows that in most cases, targeting requires very little effort. BEC attackers appear to glean the information they need from readily-available public sources and business networking sites,” the report explains.