New Report Finds Staggering Increase in Business Email Compromise (BEC) Attacks
BEC attacks, also referred to as email-based impersonation fraud, is an issue that is not going away because these attacks can easily evade many traditional email security systems on a global scale. The latest ESRA found a 269% increase in these types of attacks, in comparison to the same findings in last quarter’s report. This trend was also reflected in recent research, the State of Email Security 2019 report, which found that 85% of the 1,025 global respondents experienced an impersonation attack in 2018, with 73% of those victims having experienced a direct business impact – like financial, data or customer loss.
The rise in BEC attacks underscores the need for organizations to add protection against well-resourced attackers. A 2019 Osterman Research Report titled “Ten Questions to Ask About Your Office 365 Deployment”, concluded
BEC attacks are not the only method cybercriminals have been successfully leveraging to target organizations. The ESRA report found 28,783,892 spam emails, 28,808 malware attachments and 28,726 dangerous files types were all missed by incumbent providers and delivered to users’ inboxes, an overall false negative rate of 11% of inspected emails. The results from the report demonstrate the need for the entire industry to continue to work toward a higher standard of email security.
“This ESRA report pointed out that impersonation attacks continue to menace all types of organizations, but I think the real issue is that there are tens of thousands email-borne threats successfully able to bypass the email security systems that organizations’ have in place, effectively leaving them vulnerable and putting a lot of pressure on their employees to discern malicious emails,” said
- Download the Email Security Risk Assessment infographic
- Understand the key findings from the State of Email Security 2019 report
1 Specific security policy settings and controls of the incumbent email security system are directly managed by the individual customers of these other vendors.
Source: Mimecast Limited