Story image

Report reveals 80% increase in email impersonation attacks

30 Aug 18

Email and data security company Mimecast has announced the availability of its latest quarterly Email Security Risk Assessment (ESRA), an aggregated report of tests that measure the efficacy of widely used email security systems.

A Mimecast ESRA helps participating organisations better understand the number and type of email-borne threats that are getting through their current defences.

As part of the cumulative assessments, Mimecast has inspected more than 142 million emails that have passed through organisations’ incumbent email security vendors.

Latest results revealed 203,000 malicious links within 10,072,682 emails were deemed safe by other security systems – a ratio of one unstopped malicious link for every 50 emails inspected.

The report also found an 80% increase of impersonation attacks in comparison to last quarters’ report with 41,605 caught.

Additionally, 19,086,877 pieces of spam, 13,176 emails containing dangerous file types, and 15,656 malware attachments were all missed by these incumbent providers and delivered to users’ inboxes.

“Targeted malware, heavily socially-engineered impersonation attacks, and phishing threats are still reaching employee inboxes. This leaves organisations at risk of a data breach and financial loss,” says Mimecast cybersecurity strategist Matthew Gardiner.

“Our latest quarterly analysis saw a continued attacker focus on impersonation attacks quarter-on-quarter. These are difficult attacks to identify without specialised security capabilities, and this testing shows that commonly used systems aren’t doing a good job catching them.”

The report indicates the need for organisations to enhance their cyber resilience strategies for email with a multi-layered approach that includes a third-party service provider.

This new ESRA report follows an SE Labs Independent Email Security Services Protection group test, which gave Mimecast the top “AAA” rating.

Other email security services SE Labs evaluated were from Microsoft, Forcepoint, Symantec and Proofpoint.

“The SE Labs report highlights the need for multiple layers of protection to increase security efficacy and to address the rise of more advanced email attacks,” says Gardiner.

Mimecast is engineered to use multiple layers and types of detection engines, combined with analytics and a diverse set of threat intelligence sources, overseen by the Mimecast security operations centre.

This helps protect email data and employees from malware, spam, phishing, and targeted attacks.

ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Companies swamped by critical vulnerabilities – Tenable
Research has found enterprises identify 870 unique vulnerabilities on internal systems every day, on average, with over 100 of them being critical.
Exclusive: Okta’s new GM shares its APAC strategy
“We believe that partnering with systems integrators, independent software vendors and consulting companies is a key factor of success for Okta.”
Three access management trends making waves in APAC
Consumer identity proofing, authentication, and authorisation will top the $37 billion value mark by 2023.
Combatting the rise of Cybercrime-as-a-Service
Amateur cybercriminals (or anyone with a grudge), can execute spam attacks, steal people’s identities, and more. 
ThreatQuotient partners with Visa for payments safety
“Cyber criminals are reusing tactics, techniques and procedures, leaving a recognisable trail of breadcrumbs and insights into the very attacks they are launching.”