2019 State of Email Security
Email impersonation attacks, or email fraud, continue to grow, with Mimecast’s 2019 State of Email Security Report showing a 67% increase in attacks compared to 2018. The report finds that 73% of the organisations impacted by impersonation attacks experienced a direct loss, specifically loss of customers (28%), financial loss (29%) and data loss (40%). Phishing attacks were the most prominent type of cyber attack, with 94% of respondents having experienced phishing and spear phishing attacks in the previous 12 months, and 55% citing an increase in phishing attacks over the same time period.
Key findings from the report:
We want to draw attention in particular to impersonation attacks, which aim to trick employees into taking action such as transferring money or divulging sensitive information. Attackers do this by making it look like the request has come from someone the employee knows and trusts, for example a CEO or CFO. Detecting and stopping these increasingly sophisticated social engineering attacks needs a multi-layered approach.
Types of Impersonation Attacks
- Lookalike domains
- Display name spoofing
- Newly registered domains
- Reply-to mismatch
- Social engineering language in the subject / body of any email
- Owned domains (unauthorised)
The last item above is the illegitimate use of an organisation’s owned domains, and is the most difficult to detect. Using Domain-based Message Authentication, Reporting & Conformance (DMARC) authentication is the best defensive strategy. It works by preventing anyone except specifically authorised senders from sending mail using an organisation’s domain. Third-party senders such as CRM and marketing automation systems that need to send mail can be authorised, while others are blocked or rejected.
Enablis works closely with Mimecast to offer a specialist service that helps customers better protect themselves against these attacks. Mimecast’s gateway and Targeted Threat Protection – Impersonation Protect service combines multiple indicators of compromise to stop attacks that use most of the tactics listed from targeting employees. The service includes preventing the unauthorised use of an organisation’s own domain(s) to attack their customers, suppliers, other external parties and even their own employees.
Relying on employees to accurately recognise when they are targeted by this type of attack is not enough. Talk to us today and, together with Mimecast, we’ll ensure you receive the best level of defence against all types of impersonation attacks.
You can download Mimecast’s full 2019 State of Email Security report HERE.