Business-Related Applications Are the Most Frequently Impersonated Over Email By Cybercriminals, Spoofed More Regularly Than Consumer and Social Applications

New research from GreatHorn shows cybercriminals abandoning the “batch and blast” tactic for a less frequent but more targeted approach

Waltham, MA – Thursday, March 4, 2021 – Cybercriminals have wasted little time in capitalizing on the vulnerabilities that come with remote work, and their attacks have been highly targeted. This is according to the fourth annual Email Security Challenges, Trends and Benchmarks survey report, released today by GreatHorn. The report revealed that business-related applications, those that have allowed employees to collaborate and stay productive over the past year, are by far the most frequently impersonated by cybercriminals.

To develop the report, GreatHorn collected data from over 588 participants working across a diverse set of roles within the information technology security market segment. The respondents hold various roles in IT as well as in the C-suite. The results of the report identify not only the challenges, but also the changes companies have encountered in the past year and the email threats that remain present today.

Cybercriminals Capitalizing on Work From Home Business-Related Applications

As employees continue to work from home, expanding their digital presence while leveraging multiple communication platforms, this provides more valuable information for cybercriminals to leverage.

Business-related applications (Zoom, Microsoft, DocuSign) account for 45% of impersonation-related phishing attacks, much more than social media-related applications which consist of Facebook, LinkedIn, and Twitter (34%) or consumer-related applications consisting of websites such as Amazon and PayPal (20%).

A Reduction in Quantity, in Lieu of Quality, Phishing Attacks

Though daily occurrences of phishing attacks have decreased from 36% to 25% between 2020 and 2021, weekly and monthly phishing attacks have increased from 28% to 42% and 11% to 17%, respectively. These attacks are increasingly difficult to detect as cybercriminals become more sophisticated and targeted in their attacks – advancing beyond the ‘batch and blast’ methodology to social engineering phishing campaigns.

As a result of this, the quantity of phishing attempts being experienced by organizations may have decreased daily, but the impact of those campaigns that bypass traditional email security is increasing. As a result of increasing attacks, email security has risen to one of the top 3 IT security projects for 2021 among the organizations surveyed.

Additionally, while the need to remediate phishing attacks daily has decreased from 34% to 18% YoY, occurrences have increased weekly from 28% to 41% on average and monthly from 11% to 16%.

“In today’s email security environment, it is impossible to catch every phishing attack. The results of this benchmark report indicate that cybercriminals are relentless and continue to advance their techniques to exploit systems and people.” said Kevin O’Brien, Co-founder and CEO of GreatHorn. “Email security providers must shift their approach to understanding and controlling threat vectors in order to analyze deviations from the norm. Only from there can they create automated defense systems that produce a layered approach to mitigating risk.”

Additional Key Stats

  • Email security (48%), securing telework (41%) and cloud security posture management (40%) are the top 3 security projects for 2021.
  • Missing phishing attacks remains the top issue in current email security solutions with 39% of respondents noting this as a top concern in both 2020 and 2021.
  • Fewer organizations report being “satisfied” with their current email security solution, decreasing from 76% in 2020 to 53% in 2021. On the other hand, organizations reporting their email security solution was “good enough” increased from 19% in 2020 to 36% in 2021.
  • The top 3 threats that concern IT professions are:
    • Payload Attacks: rising from 16% to 21%,
    • Wire Transfer Requests: rising from 8% to 14%
    • Compromised Accounts: rising from 8% to 10%
  • The report with full details and data can be downloaded here.

    About GreatHorn

    GreatHorn safeguards cloud email from advanced threats like impersonations, credential theft, malware, and social engineering attacks by protecting organizations before, during, and after an email attack. Through its proactive threat detection engine, end-user education, and robust remediation capabilities, GreatHorn frees security teams from time-consuming email security management to enable them to respond to genuine threats faster. More information is available at

Get Your FREE Email Threat Assessment

Learn what advanced threats are currently getting through your existing email security and into your end users’ mailboxes.