Monday 18 June 2018

Jennings: Attacks are getting through existing email
security defences at an alarming rate

Impersonation attacks surge 400pc: report

DUBAI, June 14, 2017

The number of impersonation attacks detected in the first quarter of 2017 rose more than 400 per cent in comparison to the data initially reported in the February, said a report from Mimecast, a leading email and data security company.

Both known and unknown attacks, as well as spam, are continuing to get through incumbent email security systems, added the quarterly release of the Mimecast Email Security Risk Assessment (ESRA), a test which measures the effectiveness of email security systems currently in use by thousands of organizations globally.

Impersonation attacks consist of social engineering heavy emails that attempt to impersonate a trusted party such as a C-level executive, employee or business partner. This simple method of attack is being exploited at an alarming rate as it can be used to dupe recipients into initiating wire-transfers and sending back other sensitive data leading to significant financial loss– as evidenced by widely publicized recent attacks.

In fact, a public service announcement issued by the Federal Bureau of Investigation (FBI) stated that between October 2013 and December 2016 business email compromise scams resulted in a total loss of more than $5.3 billion. Between January 2015 and December 2016 alone, there was a 2,370 per cent increase in identified exposed losses.

This latest ESRA reflects findings from inspecting the inbound email for more than 44,000 users over a cumulative287 days received by participating organizations. In aggregate to date more than 40 million emails have been inspected by Mimecast, all of which had already passed through the incumbent email security vendor or cloud email service in use by each organization.

The ESRA test uncovered almost 9 million pieces of spam, 8,318 dangerous file types, 1,669 known and 487 unknown malware attachments and 8,605 impersonation attacks. The data reinforces the concerning reality that the industry must work towards a higher standard of email security, as 90 per cent of attacks start with email. In general, organizations everywhere are struggling with prolific ransomware attacks, like Locky.

“Cybercriminals are constantly adapting their attack methods. For instance, this latest ESRA analysis reflects how impersonation attacks are getting through existing email security defences at an alarming rate. If a CISO isn’t reviewing its current email security solution on a 12-18 month basis, they may be surprised at what threats are now getting into employees’ inboxes,” said Ed Jennings, chief operating officer at Mimecast.

 “At the same time, email security providers need to ensure they’re doing their due diligence to protect customers from new attacks, whether they be advanced or simple. The Mimecast ESRA results show a clear need for the security industry to come together in the fight against email-borne threats.” – TradeArabia News Service

Tags: Email | Mimecast | data security |

More IT & Telecommunications Stories

calendarCalendar of Events