For the simple reason that it's often much easier and less expensive. With major headlines in recent years about breaches at Fortune 500 companies, most large organizations have spent millions shoring up their defenses. The most effective way for a hacker to get into your system is still a phishing attack and that doesn't cost much to execute. So, why would a criminal, using fraudulent emails to check as many front doors as possible, try to pick the locks on a large business when small businesses are leaving their doors wide open?
You can read more about topics like this on our Blog: