Impersonation attacks have increased 80 percent quarter on quarter, according to a new report
The latest figures show that impersonation, or Business Email Compromise (BEC), attacks have spiked enormously over the last quarter, clocking up an 80 percent increase quarter-on-quarter to hit a total of 41,605.
According to the new ESRA report from Mimecast, which tests the efficiency of email security systems, a significant 203,000 malicious links within 10,072,682 emails were deemed safe by other security systems – a ratio of one unstopped malicious link for every 50 emails inspected.
"Targeted malware, heavily socially-engineered impersonation attacks, and phishing threats are still reaching employee inboxes. This leaves organisations at risk of a data breach and financial loss," said Matthew Gardiner, cybersecurity strategist at Mimecast, in a statement. "These are difficult attacks to identify without specialised security capabilities, and this testing shows that commonly used systems aren’t doing a good job catching them."
Andy Norton, director of threat intelligence for Lastline, told SC Media UK that vigilance is the watchword: "The method of intrusion is in a constant state of flux, as bad actors tune, change and invent new campaigns. Stats like these are important as they keep resiliency at the forefront of an organisation’s mind and, therefore, focussed on being vigilant at hunting the threats that do perforate defences. New AI-based analytics that connect the ATT&CK chain together will stop intrusions before they reach incident or breach levels of severity."
The ESRA report also identified 19,086,877 pieces of spam, 13,176 emails containing dangerous file types, and 15,656 malware attachments that were allegedly missed by incumbent providers and potentially delivered to users’ inboxes. As part of the cumulative assessments, Mimecast claims to have inspected more than 142 million emails that have passed through organisations’ incumbent email security vendors.
Stephen Burke, Founder & CEO at Cyber Risk Aware, told SC Media UK that planning was key: "It goes without saying that technical defences are required, such as email filtering/gateways and anti-virus. However, with such a high percentage of malicious emails getting through current defences as criminals regularly test their emails and malware against them, companies must have a ready-to-go and fully tested incident response plan for when email security solutions are bypassed and reach employees.
"The main focus for companies must be to help their staff know what to look for, which can be done through email security awareness training but, more importantly, through regularly testing staff with mock phishing tests. These tests should not be carried out to make people feel bad or point the finger of blame for failing to spot the phish. Instead, the aim is to explain and demonstrate to staff that they are the target of cyber-criminals. Cyber-criminals target people, not systems, but importantly, the company needs their help in spotting and preventing these attacks because technical defences alone will never prevent issues from happening. It is not just the role of IT Security to protect the network but everybody in the company."