INFOGRAPHIC
INFOGRAPHIC
Mimecast report finds
increase in Business Email
Compromise (BEC) attacks
Mimecast’s latest ESRA
report has revealed that
millions of spam, tens
of thousands of BEC or
impersonation attacks,
dangerous file types and
malware attachments
are being delivered to
users’ inboxes.
M
imecast, a leading email and data
security company, has announced
the availability of its latest Email
Security Risk Assessment (ESRA).
The quarterly assessment is an aggregated
report of tests that measure the efficacy of
widely used email security systems.
This quarter’s ESRA report found a
significant increase in Business Email
Compromise (BEC) attacks, emails
containing dangerous file types, malware
attachments and spam being delivered
to users’ inboxes from incumbent email
security systems.
BEC attacks, also referred to as email-based
impersonation fraud, is an issue that is not
“
going away because these attacks can
easily evade many traditional email security
systems on a global scale.
The latest ESRA found a 269% increase in
these types of attacks, in comparison to the
same findings in last quarter’s report.
This trend was also reflected in recent
research, the State of Email Security 2019
report, which found that 85% of the
1,025 global respondents experienced an
impersonation attack in 2018, with 73% of
those victims having experienced a direct
business impact – like financial, data or
customer loss.
The rise in BEC attacks underscores the need
for organisations to add protection against
well-resourced attackers.
BEC attacks are not the only method
cybercriminals have been successfully
leveraging to target organisations.
The ESRA report found 28,783,892 spam
emails, 28,808 malware attachments and
28,726 dangerous files types were all missed
by incumbent providers and delivered to
users’ inboxes, an overall false negative rate
of 11% of inspected emails. The results from
the report demonstrate the need for the
THE INDUSTRY MUST
FOCUS THEIR EFFORTS ON INVESTING IN
RESEARCH AND DEVELOPMENT, UNIFIED
INTEGRATIONS AND MAKING IT EASIER
FOR USERS TO BE PART OF SECURITY
DEFENCES, DRIVING RESILIENCE
AGAINST EVOLVING ATTACKS.
26
INTELLIGENTCIO
Joshua Douglas, Vice President of Threat
Intelligence at Mimecast
entire industry to continue to work toward a
higher standard of email security.
“This ESRA report pointed out that
impersonation attacks continue to menace
all types of organisations, but I think the
real issue is that there are tens of thousands
of email-borne threats successfully able
to bypass the email security systems that
organisations’ have in place, effectively
leaving them vulnerable and putting a lot
of pressure on their employees to discern
malicious emails,” said Joshua Douglas, Vice
President of Threat Intelligence at Mimecast.
“Cybercriminals will always look for new ways
to bypass traditional defences and fool users.
“This means the industry must focus
their efforts on investing in research and
development, unified integrations and
making it easier for users to be part of
security defences, driving resilience against
evolving attacks.”
Mimecast produces quarterly ESRA reports
to offer organisations insights on the rise of
new types of email-borne threats and key
trends in malicious email campaigns. n
www.intelligentcio.com
www.intelligentcio.com