BEC attacks rose 72 percent in 2022 with smaller businesses in the firing line

Business Email Compromise attacks increased dramatically last year with a 72 percent rise year-on-year over 2021.

The 2023 Email Security Threat Report from Armorblox shows high volumes of language-based and socially engineered attacks targeting organizations of all sizes and across industries.

Small and medium-sized businesses are particularly vulnerable to vendor fraud and supply chain email attacks. Over half of account compromise attacks (58 percent) targeted SMBs, and these attacks are proving to be a persistent and prevalent threat.

Bad actors are still infiltrating legitimate business workflows to steal sensitive business information. Business workflows involving email notifications were the most compromised, and half of all attacks (52 percent) involve sensitive user data, such as user login credentials.

BEC attacks continue to evolve too. Language remains the main attack vector in 77 percent of BEC attacks that bypassed legacy security solutions in 2022. Of all attacks in 2022, 56 percent bypassed legacy security filters.

More than half of vendor compromise attacks targeted technology organizations (53 percent). Financial fraud attacks such as payroll, payment, and invoice fraud increased by 72 percent in 2022 and are expected to continue to rise in 2023 with banking problems in the headlines. The report expects the use of tools like ChatGPT to lead to a significant increase in the total number of BEC emails that flood user mailboxes in organizations.

"Based on threats analyzed by Armorblox across our customer base of over 58,000 organizations, we see over half of email attacks targeting critical business workflows aim to exfiltrate sensitive user data. These attacks often involve bad actors infiltrating legitimate business communications to alter sensitive business information, such as assigning new routing numbers for payment requests," says DJ Sampath, co-founder and CEO of Armorblox. "These attacks use language as the primary attack vector to impersonate trusted SaaS applications, vendors, and VIPs. This only increases the critical need for organizations to augment native and legacy security layers with modern API-based solutions that use a broad set of deep learning algorithms, machine learning models, data science approaches, and natural language-based techniques to understand the content and context of communications, and protect against these targeted attacks."

The full report is available from the Armorblox site.


© 1998-2024 BetaNews, Inc. All Rights Reserved.