Email security systems miss thousands of malicious links

A new study from email security company Mimecast shows that malicious links in emails are being missed by many security systems.

Mimecast examined more than 142 million emails that had passed through organizations' email security vendors. The latest results reveal 203,000 malicious links within 10,072,682 emails were deemed safe by other security systems -- a ratio of one unstopped malicious link for every 50 emails inspected.

The report also finds an 80 percent increase impersonation attacks in comparison to last quarters' figures. Additionally, 19,086,877 pieces of spam, 13,176 emails containing dangerous file types, and 15,656 malware attachments were all missed by these incumbent security providers and delivered to users' inboxes.

"Targeted malware, heavily socially-engineered impersonation attacks, and phishing threats are still reaching employee inboxes. This leaves organizations at risk of a data breach and financial loss," says Matthew Gardiner, cybersecurity strategist at Mimecast. "Our latest quarterly analysis saw a continued attacker focus on impersonation attacks quarter-on-quarter. These are difficult attacks to identify without specialized security capabilities, and this testing shows that commonly used systems aren’t doing a good job catching them."

The report shows the need for organizations to enhance their cyber resilience strategies for email by adopting a multi-layered approach, that includes a third-party service provider, in order to address the rise of more advanced email attacks.

The full report is available to download from the Mimecast website.

Photo Credit: Balefire/Shutterstock