Organizations Take 43 Hours to Detect an Spear Phishing Cyber Attack

Spear Phishing Cyber AttackNew data makes it crystal clear that spear phishing is a real problem… and organizations may not properly be prepared to detect and address it.

Cybercriminals know the more targeted a phishing attack – from the email theming to the impersonation to the intended victim – the more likely the attack will be a success.

According to Barracuda’s 2023 Spear-Phishing Trends report, this is exactly what’s happening:

  • 50% of organizations were victims of spear phishing in the last 12 months
  • 1 in 4 organizations had at least one email account compromised in 2022
  • A typical organization receives 5 highly personalized spear phishing emails per day

With all this spear phishing, how well are organizations responding? According to the report, while we’re measuring in hours instead of days or weeks, the response time is still material:

  • On average, it takes organizations nearly 100 hours to identify, respond to, and remediate a post-delivery email threat
  • It takes 43 hours to detect the attack and 56 hours to respond and remediate after the attack is detected

100 hours is plenty of time for a threat actor to wreak havoc within an organization, making it far more logical to work to prevent such attacks. That's something that new-school security awareness training can prevent AND a lightweight security orchestration, automation and response platform can allow SOC teams to cut through the inbox noise and respond to spear phishing threats more quickly and efficiently." 

Live Demo: Identify and Respond to Email Threats Faster with PhishER

With only approximately 1 in 10 user-reported emails being verified as actually malicious, how do you not only handle the phishing attacks and threats—and just as importantly—effectively manage the other 90% of user-reported messages accurately and efficiently? PhishER.


To learn how, get a product demonstration of the new PhishER Security Orchestration, Automation and Response (SOAR) platform. In this live one-on-one demo we will show you how easy it is to identify and respond to email threats faster:

  • Automate prioritization of email messages by rules you set that categorize messages as Clean, Spam, or Threat
  • Augment your analysis and prioritization of messages with PhishML, a PhishER machine-learning module
  • Search, find, and remove email threats with PhishRIP, PhishER’s new email quarantine feature for Microsoft 365 and G Suite
  • NEW! Automatically flip active phishing attacks into safe simulated phishing campaigns with PhishFlip. You can even replace active phishing emails with safe look-alikes in your user’s inbox.
  • Easily integrate with KnowBe4's email add-in button, Phish Alert, or forwarding to a mailbox works too!

Request A Demo

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Spear Phishing

Subscribe To Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews