Email impersonation attacks target dispersed workforces
With increased numbers of people working remotely, a new report reveals that cybercriminals are using email impersonation to prey on the sense of urgency of an increasingly distracted and dispersed workforce.
Email security company GreatHorn has collected data from over 640 security, IT and C-suite professionals to gain a better understanding of new threat vectors and attack strategies. It found almost half of respondents (48.7 percent) report seeing impersonations of people such as colleagues, customers or vendors.
Over a third of respondents (35.1 percent) say that people impersonation attacks rank as their top email threat in 2020. In addition 42.4 percent report seeing impersonations of well-known brands in their inbox -- a sharp rise from just 22.4 percent in 2019. In fact 10 percent of participants flagged brand impersonations as their top email threat, another increase from just 4.8 percent in 2019.
Email is still a major source of threats generally, more than a third of respondents (35.8 percent) report seeing phishing, impersonations, credential theft, spoofing, malware, ransomware or other email threats in their inbox on a daily basis -- up from 24.3 percent in 2019.
A third of respondents (33.6 percent) say they need to remediate an email-based attack every day -- including suspending compromised email accounts, running PowerShell scripts, resetting compromised application accounts, legal action and more -- a huge 165 percent increase from 2019, when only 12.7 percent reported the need to remediate an email-based attack on a daily basis.
"This year's survey data presents a clear reminder that organizations continue to be inundated with email-based attacks, most notably impersonations, that require constant remediation," says GreatHorn CEO Kevin O'Brien. "It's impossible to prevent all phishing attacks, which is why it’s so important for IT professionals to reassess their email security strategy by putting a renewed emphasis on risk reduction in order to decrease time to detection (TTD) and time to respond (TTR)."
You can find the full report on the GreatHorn site.