Cybercriminals turn to impersonation attacks: Mimecast
Cyberattackers are expanding their attack vectors to steal money, gain access to corporate and employee data
There was an 80% increase in impersonation attacks in the second quarter of 2018 compared to Q1, according to Mimecast’s latest Email Security Risk Assessment (ESRA), an aggregated report of tests that measure the efficacy of widely used email security systems.
Impersonation or business email compromise (BEC) attacks are generally targeted at top-level executives and are executed by sending the target an email in which the sender attempts to masquerade as a trusted source. The aim is to gain access to the target’s sensitive information, such as financial data.
“Targeted malware, heavily socially-engineered impersonation attacks, and phishing threats are still reaching employee inboxes. This leaves organisations at risk of a data breach and financial loss,” said Matthew Gardiner, cybersecurity strategist at Mimecast. “Our latest quarterly analysis saw a continued attacker focus on impersonation attacks quarter-on-quarter. These are difficult attacks to identify without specialised security capabilities, and this testing shows that commonly used systems aren’t doing a good job catching them.”
The email and data security company said its products caught 41,605 impersonation attacks in the quarter. It also identified 19,086,877 pieces of spam, 13,176 emails containing dangerous file types, and 15,656 malware attachments that were all missed by other security systems and delivered to users’ inboxes.
A Mimecast ESRA helps participating organisations better understand the number and type of email-borne threats that are getting through their current defences. As part of the cumulative assessments, Mimecast has inspected more than 142 million emails that have passed through organisations’ incumbent email security vendors. The latest results revealed that 203,000 malicious links within 10,072,682 emails were deemed safe by other security systems, a ratio of one unstopped malicious link for every 50 emails inspected.
The report indicates the need for organisations to enhance their cyber resilience strategies for email with a multi-layered approach that includes a third-party service provider.