Email Impersonation Attacks Skyrocket

Wednesday, August 29, 2018 @ 09:08 AM gHale

There is a huge volume of email threats that go undetected by the incumbent technologies, a new report found.

In addition, the sheer size of the email threat is over the top, the report said.

Email Impersonation Attacks on Rise
Compliance Violations Witnesses Looking to Leave
IT Infrastructure Struggle for SMBs: Report
Industrial Firms Hit by Spear Phishing

The ESRA report from Mimecast covers more than 142 million emails received by almost 261,924 users. The incumbent email security was Office 365 and Proofpoint.

ESRA’s analysis shows more than 19 million spam emails; 13,176 emails containing dangerous file types; and 15,656 malware attachments were missed by the incumbent security and delivered to users’ inboxes. It also discovered 203,000 malicious links within just over 10 million emails that were delivered to inboxes — a ratio of around one unstopped malicious link in every 50 inspected emails.

This doesn’t mean the bad emails were effective, only they were delivered to their destination. Other security controls might detect malware and inhibit users from clicking on malicious links — but it does imply these additional controls need to be 100 percent effective against threats that could have been blocked before delivery.

There was an 80 percent increase in impersonation attacks over the last quarter’s analysis. Mimecast detected 41,605 cases missed by the organizations’ existing controls.

“Targeted malware, heavily socially-engineered impersonation attacks, and phishing threats are still reaching employee inboxes. This leaves organizations at risk of a data breach and financial loss,” said Matthew Gardiner, cybersecurity strategist at Mimecast. “Our latest quarterly analysis saw a continued attacker focus on impersonation attacks quarter-on-quarter. These are difficult attacks to identify without specialized security capabilities, and this testing shows that commonly used systems aren’t doing a good job catching them.”

Leave a Reply

You must be logged in to post a comment.